Relating Meseguer's Rewriting Logic with the Constructor ... - CiteSeer

Relating Meseguer’s Rewriting Logic with the Constructor-Based Rewriting Logic

Miguel Palomino Tarjuelo

Departamento de Sistemas Informáticos y Programación Facultad de Matem´ aticas, Universidad Complutense de Madrid

A Master’s Thesis Directed by Dr. Narciso Mart´ı Oliet

May 2001

2

Contents 1 Introduction

4

2 General Logics

5

2.1

Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

6

2.2

Entailment systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

6

2.3

Institutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

7

2.4

Logics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

8

2.5

Mapping logics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

8

3 The Logic CRWL

10

3.1

Signatures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

3.2

Sentences, theories and provability . . . . . . . . . . . . . . . . . . . . . . . . 11

3.3

Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

4 Rewriting Logic

14

4.1

Basic universal algebra . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

4.2

The rules of RL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

4.3

The models of RL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

5 An Entailment System for CRWL?

19

6 An Entailment System for RL

21

7 Simulating CRWL in RL

25

8 Simulating RL in CRWL

30

9 Introducing Types

36

9.1

Membership equational logic . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

9.2

Algebraic CRWL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

3 10 Simulating ACRWL

40

11 Simulating MERL in CRWL

41

12 Reflection in CRWL and in RL

48

13 An Institution for CRWL

52

14 An Institution for RL

57

15 An Institution for ACRWL

61

16 Embedding CRWL in RL

63

17 Embedding RL in CRWL

67

18 The Maude Language

68

18.1 Functional Modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 18.2 System Modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 18.3 The META-LEVEL module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

19 A Maude Interpreter for CRWL 19.1 The CLNC-calculus

76

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

19.2 Simulating CLNC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

20 Conclusions

99

A The Module NAT-CRWL

103

B The Module MAP-PHI

108

4

§1.

§1. Introduction

Introduction

The aim of this research paper is to study in close detail, and to clarify in some extent, the relationships between two well known approaches to rewriting as logical deduction, namely, José Meseguer’s rewriting logic [21], and the constructor-based rewriting logic developed by Mario Rodr´ıguez Artalejo’s research group in Madrid [14]. The first of these was proposed as a logical framework wherein to represent other logics, and also as a semantic framework for the specification of languages and systems. The experience accumulated throughout the last years has come to support that original intention, having been shown that rewriting logic is a very flexible framework in which many other logics, including first-order logic, intuitionistic logic, linear logic, Horn logic with equality, as well as any other logic with a sequent calculus, can be represented. An important characteristic of these representations that should be stressed is that they are usually quite simple and natural, so that their mathematical properties are often straightforward to derive. On the other hand, the goal of the constructor-based rewriting logic is to serve as a logical basis for declarative programming languages involving lazy evaluation, offering support, in addition, to nondeterministic functions. A suitable framework in which to carry out our study is the theory of general logics developed by Meseguer. There, a logic is described in a very abstract manner and two separated components are distinguished in it: an entailment system and an institution, corresponding with the syntantic and the semantic parts of the logic, respectively. Ideally, we would like to find entailment systems and institutions associated to the logics under our consideration so as to be able to define suitable mappings between them; unfortunately, this will prove to be not possible in all cases, and in those occasions we will be forced to leave this formal framework. Our interest throughout this work will be mainly focused on the simplest versions of both logics, corresponding to an untyped situation. Nevertheless we will also introduce some of their possible extensions in order to point out how our methods could be adapted to deal with more general cases. (Actually, rewriting logic is parameterized by an underlying equational logic, which can vary from the very simple unsorted and unconditional one with which we will be mostly concerned, to the very expressive membership equational logic.) The final part of this paper tries to contribute with some practical work to the theoretical developments of previous sections. The idea is to define abstract datatypes for the finitely presentable theories in both Meseguer’s and Rodr´ıguez-Artalejo’s logics, as well as a function mapping theories in this last logic to theories in rewriting

§2. General Logics

5

logic simulating their behaviour. This function can be defined equationally, and so can be specified in the Maude language associated to rewriting logic, which will allow us to prototype and execute any constructor-based rewriting logic theory. We have tried this work to be as self-contained as possible, reviewing all notions that are needed, specially the more exotic ones. We assume, however, a basic knowledge of category theory as can be found in [4, 17]; whenever a more advanced topic is used it is first discussed in the text. In a work like this, notation itself sometimes becomes a problem. We have stuck to standard usage, but tried not to be excessively formalist in order to lighten the notation as much as possible. For example, the turnstile ` is used for the derivability relation; an accurate use of it would require to point the logic we are deriving in as subscript, but also the concrete signature we are working with. However, except perhaps when presenting a definition or when we are interested in emphasizing some point, this extra information will not be written and we will let the context to disambiguate any possible conflict. Acknowledgements. I would like to express my most sincere gratitude to my advisor, Narciso Mart´ı Oliet, responsible to a great extent of my current position and reseach interests, and who has been always willing to help me, and not only throughout the development of this work. I specially thank José Meseguer, who pointed to us the right way to extend the notion of satisfaction in rewriting logic, and Mario Rodr´ıguez Artalejo, who read a preliminary version of this paper and made some valuable comments. Finally, I also thank David de Frutos for kindly accepting to take the place of my advisor in the commitee entrusted with judging this work. Financial support through a predoctoral grant by the Spanish Ministry for Education, Culture and Sports, is gratefully acknowledged.

§2.

General Logics

A general axiomatic theory of logics should cover all the key ingredients of a logic. These include: a syntax, a notion of entailment of a sentence from a set of axioms, a notion of model, and a notion of satisfaction of a sentence by a model. A flexible axiomatic notion of a proof calculus, in which proofs of entailments, not just the entailments themselves, are first class citizens should also be included (we will not be concerned about this issue in this work, though). The theory of general logics [19] is a study of these different ingredients and their interrelations, and the present section is a brief review of the main definitions that will be used later on, borrowing heavily from Mart´ı-Oliet and Meseguer’s paper [18].

6

§2. General Logics

2.1. Syntax Syntax is typically given by a signature Σ providing a grammar on which sentences are built. For first order logic, a typical signature consists of a list of function symbols and a list of predicate symbols, each with a certain number of arguments, which are used to build up sentences by means of the usual logical connectives. For our purposes, and in order to allow maximum freedom and generality, it will be assumed that for each logic there is a category Sign of possible signatures for it, and a functor sen assigning to each signature Σ the set sen(Σ) of all its sentences.

2.2. Entailment systems For a given signature Σ in Sign, entailment (also called provability) of a sentence ϕ ∈ sen(Σ) from a set of axioms Γ ⊆ sen(Σ) is a relation Γ ` ϕ which holds if and only if we can prove ϕ from the axioms Γ using the rules of the logic. We make this relation relative to a signature. In the rest of the paper, let |C| denote the collection of objects of a category C. An entailment system is a triple E = (Sign, sen, `) such that • Sign is a category whose objects are called signatures, • sen : Sign → Set is a functor associating to each signature Σ a corresponding set of Σ-sentences, and • ` is a function which associates to each Σ ∈ |Sign| a binary relation `Σ ⊆ P(sen(Σ)) × sen(Σ) called Σ-entailment such that the following properties are satisfied: 1. reflexivity: for any ϕ ∈ sen(Σ), {ϕ} `Σ ϕ, 2. monotonicity: if Γ `Σ ϕ and Γ0 ⊇ Γ then Γ0 `Σ ϕ, 3. transitivity: if Γ `Σ ϕi , for all i ∈ I, and Γ ∪ {ϕi | i ∈ I} `Σ ψ, then Γ `Σ ψ, 4. `-translation: if Γ `Σ ϕ, then for any H : Σ → Σ0 in Sign, sen(H)(Γ) `Σ0 sen(H)(ϕ). The entailment relation induces a function mapping each set of sentences Γ to the set Γ• = {ϕ | Γ ` ϕ}. We call Γ• the set of theorems provable from Γ. Given an entailment system E, its category Th of theories has as objects pairs T = (Σ, Γ), with Σ a signature and Γ ⊆ sen(Σ). A theory morphism H : (Σ, Γ) → (Σ0 , Γ0 )

§2. General Logics

7

is a signature morphism H : Σ → Σ0 such that if ϕ ∈ Γ, then Γ0 `Σ0 sen(H)(ϕ). A theory morphism is axiom-preserving if, in addition, it satisfies the condition sen(H)(Γ) ⊆ Γ0 . This defines a subcategory Th0 with the same objects as Th but with morphisms restricted to be axiom-preserving theory morphisms, that does not depend on the entailment relation. By projecting on the first component we get a functor sign : Th → Sign. Note also that the functor sen can be extended to a functor on theories by taking sen(Σ, Γ) = sen(Σ).

2.3. Institutions The notion of model is based on Goguen and Burstall’s pioneering work on institutions (see [12]). An institution is a 4-tuple I = (Sign, sen, Mod, |=) such that • Sign is a category whose objects are called signatures, • sen : Sign → Set is a functor associating to each signature Σ a set of Σsentences, • Mod : Signop → Cat is a functor that gives for each signature Σ a category whose objects are called Σ-models, and • |= is a function associating to each Σ ∈ |Sign| a binary relation |=Σ ⊆ |Mod(Σ)| × sen(Σ) called Σ-satisfaction, in such a way that the following property holds for any H : Σ → Σ0 , M 0 ∈ |Mod(Σ0 )| and all ϕ ∈ sen(Σ): M 0 |=Σ0 sen(H)(ϕ) ⇐⇒ Mod(H)(M 0 ) |=Σ ϕ. Given a set of Σ-sentences Γ, the category Mod(Σ, Γ) is defined as the full subcategory of Mod(Σ) determined by those models M ∈ Mod(Σ) that satisfy all the sentences in Γ. A relation between sets of sentences and sentences, also denoted as |=, can be defined by Γ |=Σ ϕ ⇐⇒ M |=Σ ϕ for each M ∈ |Mod(Σ, Γ)|. We can then associate an entailment system to each institution I = (Sign, sen, Mod, |=) in a natural way by means of the triple I + = (Sign, sen, |=), where |= now denotes the previously defined relation between sets of sentences and sentences; I + is easily seen to satisfy the conditions to be an entailment system. Given an institution I, its category Th of theories is defined as the category of theories associated to the entailment system I + . If H : (Σ, Γ) → (Σ0 , Γ0 ) is a theory morphism and M 0 ∈ Mod(Σ0 , Γ0 ), it is not difficult to check that Mod(H)(M 0 ) ∈

8

§2. General Logics

Mod(Σ, Γ). The model functor Mod can then be extended to a functor Mod : Thop → Cat. Liberality is an important property expressing the possibility of free constructions generalizing the principle of “initial algebra semantics”. An institution is liberal if all the forgetful functors Mod(H) : Mod(Σ0 , Γ0 ) → Mod(Σ, Γ) induced by the theory morphisms H : (Σ, Γ) → (Σ0 , Γ0 ) have left adjoints. Another property expressing the possibility of “putting theories together” by colimits is the exactness of an institution. An institution is exact if its category of signatures is cocomplete and the model functor Mod : Signop → Cat preserves colimits, and is semiexact if Sign has pushouts and Mod preserves pushouts.

2.4. Logics Defining a logic is now immediate. A logic is a 5-tuple L = (Sign, sen, Mod, `, |=) such that: • (Sign, sen, `) is an entailment system, • (Sign, sen, Mod, |=) is an institution, and • the following soundness condition is satisfied: for any Σ ∈ |Sign|, Γ ⊆ sen(Σ), and ϕ ∈ sen(Σ), Γ `Σ ϕ =⇒ Γ |=Σ ϕ. The logic is called complete if the above implication is in fact an equivalence.

2.5. Mapping logics The advantage of having an axiomatic theory of logics is that the “space” of all logics (or that of all entailment systems, institutions, etc.) becomes well understood. This space is not just a collection of objects bearing no relationship to each other; in fact, the most interesting outcome of the theory of general logics is that it gives us a method for relating logics in a general and systematic way, and to exploit such relations in many applications, by considering maps that interpret one logic into another. Let us first discuss in some detail maps of entailment systems. Basically, a map of entailment systems E → E 0 maps the language of E to that of E 0 in a way that respects the entailment relation. This means that signatures of E are functorially

§2. General Logics

9

mapped to signatures of E 0 , and that sentences of E are mapped to sentences of E 0 in a way that is coherent with the mapping of their corresponding signatures. In addition, such a mapping α must respect the entailment relations ` of E and `0 of E 0 . It turns out that for many interesting applications one wants to be more general and allow maps that send a signature of E to a theory of E 0 . These maps extend to maps between theories, and in this context the coherence with the mapping at the level of signatures is expressed by the notion of sensible functor. In what follows, let us denote by (Σ0 , Γ0 ) the image obtained by applying to a theory (Σ, Γ) a functor Φ : Th0 → Th00 preserving signatures; in particular, the theory Φ(Σ, ∅) will be denoted by (Σ0 , ∅0 ). Given entailment systems E = (Sign, sen, `) and E 0 = (Sign0 , sen0 , `0 ), a functor Φ : Th0 → Th00 and a natural transformation α : sen ⇒ sen0 ◦ Φ, we say that Φ is α-sensible if the following conditions are satisfied: 1. There is a functor Φ : Sign → Sign0 such that sign0 ◦ Φ = Φ ◦ sign. 2. (Γ0 )• = (∅0 ∪ αΣ (Γ))• . Essentially, this means that Φ is completely determined by its restriction to empty theories and α. It is proved in [19] that the natural transformation α only depends on the signatures, not on the theories. Now, the definition sketched above can be formally expressed as follows. Given entailment systems E = (Sign, sen, `) and E 0 = (Sign0 , sen0 , `0 ), a map of entailment systems (Φ, α) : E → E 0 consists of a natural transformation α : sen ⇒ sen0 ◦ Φ and an α-sensible functor Φ : Th0 → Th00 satisfying the following property: Γ `Σ ϕ =⇒ Γ0 `0Σ0 αΣ (ϕ). We call (Φ, α) conservative when the above implication is an equivalence. The ideas behind maps of institutions are similar. Now, in addition, we will have a natural transformation β : Mod0 ◦ Φop ⇒ Mod which, like model functors, maps models “backwards” and is subject to a certain satisfaction condition. Given institutions I = (Sign, sen, Mod, |=) and I 0 = (Sign0 , sen0 , Mod0 , |=0 ), a map of institutions (Φ, α, β) : I → I 0 consists of a natural transformation α : sen ⇒ sen0 ◦ Φ, an α-sensible functor1 Φ : Th0 → Th00 , and a natural transformation β : Mod0 ◦ Φop ⇒ Mod such that for each Σ ∈ |Sign|, ϕ ∈ sen(Σ), and M 0 ∈ |Mod0 (Φ(Σ, ∅))| the following property is satisfied: M 0 |=0Σ0 αΣ (ϕ) ⇐⇒ β(Σ,∅) (M 0 ) |=Σ ϕ. 1

The functor Φ is α-sensible for the entailment systems (Sign, sen, |=) and (Sign0 , sen0 , |=0 ) associated to I and I 0 .

§3. The Logic CRWL

10

The definition of map of logics follows now immediately: it is given by two maps, one for its underlying entailment system and another for its underlying institution, which agree on the translation of signatures and sentences. Thus, given logics L = (Sign, sen, Mod, `, |=) and L0 = (Sign0 , sen0 , Mod0 , `0 , |=0 ), a map of logics (Φ, α, β) : L → L0 consists of a functor Φ : Th0 → Th00 , and natural transformations α : sen ⇒ sen0 ◦ Φ and β : Mod0 ◦ Φop ⇒ Mod such that: • (Φ, α) : (Sign, sen, `) → (Sign0 , sen0 , `0 ) is a map of entailment systems, and • (Φ, α, β) : (Sign, sen, Mod, |=) → (Sign0 , sen0 , Mod0 , |=0 ) is a map of institutions. We call (Φ, α, β) conservative if and only if (Φ, α) is so as a map of entailment systems.

§3.

The Logic CRWL

Constructor-based ReWriting Logic (CRWL) is a logic developed at the Declarative Programming Group in the Universidad Complutense de Madrid. This (untyped) logic has been described in [14], where it is proposed as a framework in which “to model the evaluation of terms in a constructor-based language including non-strict and possibly non-deterministic functions, so that it can serve as a logical basis for declarative programming languages involving lazy evaluation”. The present section reviews the basic definitions presented in that paper.

3.1. Signatures CRWL uses signatures with constructors, which are countable sets Σ = CΣ ∪ FΣ , S S where CΣ = n∈IN CΣn and FΣ = n∈IN FΣn are disjoint sets of constructor and defined function symbols respectively, each of them with an associated arity. Given a countable set X of variables, we will write Expr(Σ, X ) for the set of expressions which can be built with Σ and X , and we will distinguish the subset Term(Σ, X ) of those terms which only make use of CΣ and X . We will also use Σ⊥ to refer to the signature which is obtained from Σ by adding to it a new constructor ⊥ of arity 0, and Expr⊥ (Σ, X ) and Term⊥ (Σ, X ) for the associated (partial) expressions and terms. In Juan Miguel Molina’s thesis [24], signature morphisms are also defined. A signature morphism σ : Σ → Σ0 from a signature Σ = CΣ ∪ FΣ to another Σ0 = CΣ0 ∪ FΣ0 is a pair of functions (denoted with the same σ) σ : C Σ → CΣ 0

and

σ : FΣ → FΣ0 ,

§3. The Logic CRWL

11

mapping n-ary symbols to n-ary symbols. A signature morphism σ : Σ → Σ0 can be extended to a map between the corresponding expressions as follows: σ(⊥) σ(x) σ(c) σ(h(t1 , . . . , tn ))

= = = =

⊥; x, ∀x ∈ X ; σ(c), ∀c ∈ CΣ0 ∪ FΣ0 ; σ(h)(σ(t1 ), . . . , σ(tn )), ∀h ∈ CΣn ∪ FΣn , n > 0.

3.2. Sentences, theories and provability Given a signature Σ, a CRWL-program is defined as a set Γ of conditional rewrite rules of the form: f (t1 , . . . , tn ) → r ⇐ a1 ./ b1 , . . . , am ./ bm

(m ≥ 0)

with f ∈ FΣn , t1 , . . . , tn ∈ Term(Σ, X ), ai , bi ∈ Expr(Σ, X ), i = 1, . . . , m, and each variable occurring in t1 , . . . , tn having a single ocurrence. In [14] CRWL-programs are also called CRWL-theories. Here, we will reserve that name for pairs T = (Σ, Γ), as it is usually done. From a given theory (Σ, Γ) we are interested in deriving sentences of two kinds: • Reduction statements: a → b, with a, b ∈ Expr⊥ (Σ, X ). • Joinability statements: a ./ b, with a, b ∈ Expr⊥ (Σ, X ). Among reduction statements, those with b ∈ Term⊥ (Σ, X ) are called approximation statements. Given a signature morphism σ, the extension to rewrite rules is immediate by defining σ(a ./ b) = σ(a) ./ σ(b), and σ(l → r ⇐ C) = σ(l) → σ(r) ⇐ σ(C). To define formal derivability from a theory T = (Σ, Γ) two rewriting calculus are introduced: a Basic Rewriting Calculus (BRC) and a Goal-Oriented Rewriting Calculus (GORC). BRC is more natural than GORC, but GORC is used to derive the operational semantics of CRWL. Besides, GORC does not allow to derive reduction statements in its full generality, but only approximation statements; however, for them it is equivalent to BRC. In the following, only BRC will be used, whose rules are:

12

§3. The Logic CRWL 1. Bottom (B). For each e ∈ Expr⊥ (Σ, X ), e→⊥

.

2. Monotonicity (MN). For each h ∈ CΣn ∪ FΣn , n ∈ IN, e1 → e01 . . . en → e0n . h(e1 , . . . , en ) → h(e01 , . . . , e0n ) 3. Reflexivity (RF). For each e ∈ Expr⊥ (Σ, X ), e→e

.

4. Reduction (R). For each (l → r ⇐ C) ∈ [Γ]⊥ , C , l→r where [Γ]⊥ is the set of all instances of rewrite rules in Γ, obtained by substituting elements in Term⊥ (Σ, X ) for variables. 5. Transitivity (TR).

e → e0 e0 → e00 e → e00

6. Join (J). a→t b→t , a ./ b if t ∈ Term(Σ, X ). We say that T entails e → e0 and write T `CRWL e → e0 if e → e0 can be obtained by finite application of the above rules. By an abuse of notation we will sometimes simply write Γ `CRWL e → e0 .

3.3. Models Before defining models we review some definitions. A partially ordered set (in short, poset) with bottom ⊥ is a set S equipped with a partial order v and a least element ⊥. We say that an element x ∈ S is totally defined if x is maximal with respect to v. The set of all totally defined elements of S will be denoted Def (S). D ⊆ S is a directed set if for all x, y ∈ D there exists z ∈ D with x v z, y v z. A subset A ⊆ S is a cone if ⊥ ∈ D and, for all x ∈ A, y ∈ S, if y v x then y ∈ A. An

§3. The Logic CRWL

13

ideal I ⊆ S is a directed cone. For x ∈ S, the principal ideal generated by x is hxi = {y ∈ S | y v x}. We write C(S), I(S) for the sets of cones and ideals of S respectively. Given a signature Σ, a CRWL-algebra over Σ is a triple A = (D A , {cA }c∈CΣ , {f A }f ∈FΣ ), where D A is a poset with bottom, and cA and f A are monotone mappings from (D A )n to C(D A ), with n the corresponding arity. In addition, for c ∈ CΣn and for all u1 , . . . , un ∈ D A , there exists a v ∈ D A such that cA (u1 , . . . , un ) = hvi. Moreover, v ∈ Def (D A ) in case that all ui ∈ Def (D A ). ˆ : C(S) → C(S 0 ) defined Note that any h : S → C(S 0 ) can be extended to a function h S ˆ ˆ also as h in the by h(x) = h(x). By an abuse of notation, we will write h x∈S

sequel.

A valuation over A is any mapping η : X → D A , and we say that η is totally defined if η(x) ∈ Def (D A ) for all x ∈ X . The evaluation of an expression e ∈ Expr⊥ (Σ, X ) in A under η yields [[e]]A η ∈ C(D A ) which is defined recursively as follows: • [[⊥]]A η = h⊥A i. • [[x]]A η = hη(x)i, for x ∈ X . • [[h(e1 , . . . , en )]]A η = hA ([[e1 ]]A η, . . . , [[e1 ]]A η), for all h ∈ CΣn ∪ FΣn . We are now prepared to define models. Assume a program Γ and a CRWL-algebra A. We define: • A satisfies a reduction statement a → b under a valuation η, (A, η) |= a → b, if [[a]]A η ⊇ [[b]]A η. • A satisfies a joinability statement a ./ b under η, (A, η) |= a ./ b, if [[a]]A η ∩ [[b]]A η ∩ Def (D A ) 6= ∅. • A satisfies a rule l → r ⇐ C if every valuation η such that (A, η) |= C verifies (A, η) |= l → r. • A is a model of Γ, A |= Γ if A satisfies all the rules is Γ. Finally, we can also define homomorphisms between CRWL-algebras. Let A, B be two CRWL-algebras over a signature Σ. A CRWL-homomorphism H : A → B is a monotone function H : D A → C(D B ) which satisfies the following conditions:

§4. Rewriting Logic

14

1. H is element-valued: for all u ∈ D A there exists v ∈ D B such that H(u) = hvi. 2. H is strict: H(⊥A ) = h⊥B i. 3. H preserves constructors: for all c ∈ CΣn , ui ∈ D A , is H(cA (u1 , . . . , un )) = cB (H(u1 ), . . . , H(un )). 4. H loosely preserves defined functions: that is, for all f ∈ FΣn , ui ∈ D A , H(f A (u1 , . . . , un )) ⊆ f B (H(u1 ), . . . , H(un )). CRWL-algebras as objects with CRWL-homomorphisms as arrows form a category.

§4.

Rewriting Logic

Rewriting logic (RL for short) is a logic that was developed by José Meseguer in the early nineties [20, 21], aiming at the unification of different approaches to concurrency. During this last decade, RL has proved to be a powerful and flexible tool, very suitable as both a logical and a semantic framework [18]. In this section we review its rules of deduction as well as its semantics, borrowing heavily from [21].

4.1. Basic universal algebra RL is parameterized with respect to the version of the underlying equational logic, which can be unsorted, many-sorted, order-sorted, or the recently developed membership equational logic [22]. For the sake of simplifying the exposition, we treat here the unsorted case. A set Σ of function symbols is a ranked alphabet Σ = {Σn | n ∈ IN}. A Σ-algebra is then a set A together with an assignment of a function fA : An → A for each f ∈ Σn with n ∈ IN. We denote by TΣ the Σ-algebra of ground Σ-terms, and by TΣ (X ) the Σ-algebra of Σ-terms with variables in a set X . Similarly, given a set E of Σ-equations, TΣ,E denotes the Σ-algebra of equivalence classes of ground Σterms modulo the equations E; in the same way, TΣ,E (X ) denotes the Σ-algebra of equivalence classes of Σ-terms with variables in X modulo the equations E. Let [t]E or just [t] denote the E-equivalence class of t. Given a term t ∈ TΣ ({x1 , . . . , xn }), and terms u1 , . . . , un , t(u1 /x1 , . . . , un /xn ) denotes the term obtained from t by simultaneously substituting ui for xi , i = 1, . . . , n. To simplify notation, we denote a sequence of objects a1 , . . . , an by a; with this notation, t(u1 /x1 , . . . , un /xn ) can be abbreviated to t(u/x).


15

4.2. The rules of RL A signature in RL is a pair (Σ, E) with Σ a ranked alphabet of function symbols and E a set of Σ-equations. Rewriting will operate on equivalence classes of terms modulo the set of equations E. In this way, we free rewriting from the syntactic constraints of a term representation and gain a much greater flexibility in deciding what counts as a data structure; for example, string rewriting is obtained by imposing an associativity axiom, and multiset rewriting by imposing associativity and commutativity. Of course, standard term rewriting is obtained as the particular case in which the set E of equations is empty. Given a signature (Σ, E), sentences of RL are “sequents” of the form [t]E → [t0 ]E , where t and t0 are Σ-terms possibly involving some variables from the countably infinite set X = {x1 , . . . , xn , . . .}. A theory in this logic, called an RL-theory, is a slight generalization of the usual notion of theory in that we allow the axioms—in this case the sequents [t]E → [t0 ]E —to be labelled. This is very natural for many applications, and customary for automata—viewed as labelled transition systems— and for Petri nets, which are both particular instances of our definition. A RL-theory R is a 4-tuple R = (Σ, E, L, Γ) where Σ is a ranked alphabet of function symbols, E is a set of Σ-equations, L is a set of labels, and Γ is a set of pairs Γ ⊆ L × (TΣ,E (X )2 )+ whose first component is a label and whose second component is a nonempty sequence of pairs of E-equivalence classes of terms, with X = {x1 , . . . , xn , . . .} a countably infinite set of variables. Elements of Γ are called rewrite rules. For a rewrite rule (r, ([t], [t0 ])([a1 ], [b1 ]) . . . ([am ], [bm ])) we use the notation r : [t] → [t0 ] if [a1 ] → [b1 ] ∧ . . . ∧ [am ] → [bm ]. To indicate that {x1 , . . . , xn } is the set of variables occurring in either t, t0 or C, we write r : [t(x1 , . . . , xn )] → [t0 (x1 , . . . , xn )] if C(x1 , . . . , xn ), or in abbreviated notation r : [t(x)] → [t0 (x)] if C(x). Given an RL-theory R, we say that R entails a sequent [t] → [t0 ] and write R `RL [t] → [t0 ] if and only if [t] → [t0 ] can be obtained by finite application of the following rules of deduction: 1. Reflexivity (RF). For each [t] ∈ TΣ,E (X ), [t] → [t]

.

2. Congruence (CG). For each f ∈ Σn , n ∈ IN, [t1 ] → [t01 ] . . . [tn ] → [t0n ] . [f (t1 , . . . , tn )] → [f (t01 , . . . , t0n )]


16

3. Replacement (RP). For each rewrite rule r : [t(x)] → [t0 (x)] if [a1 (x)] → [b1 (x)] ∧ . . . ∧ [am (x)] → [bm (x)] in Γ, [w1 ] → [w10 ] . . . [wn ] → [wn0 ] [a1 (w/x)] → [b1 (w/x)] . . . [am (w/x)] → [bm (w/x)] . [t(w/x)] → [t0 (w0 /x)] 4. Transitivity (TR). [t1 ] → [t2 ] [t2 ] → [t3 ] . [t1 ] → [t3 ]

A nice consequence of having defined rewriting logic is that concurrent rewriting, rather than emerging as an operational notion, actually coincides with deduction in such a logic. Given an RL-theory R = (Σ, E, L, Γ), a (Σ, E)-sequent [t] → [t0 ] is called a concurrent R-rewrite (or just a rewrite) if and only if it can be derived from R by finite application of the rules 1-4, i.e., R `RL [t] → [t0 ].

4.3. The models of RL Before proceeding to R-systems, the models of RL, we need the categorical notion of subequalizer (see [16]), a notion generalizing that of equalizer of two functors2 . Given a family of pairs of functors {Fi , Gi : A → Bi | i ∈ I}, the (simultaneous) subequalizer of this family is a category Subeq((Fi , Gi )i∈I ) together with a functor J : Subeq((Fi , Gi )i∈I ) → A and a family of natural transformations {αi : Fi ◦ J ⇒ Gi ◦ J | i ∈ I} satisfying the following universal property: Given a functor H : C → A and a family of natural transformations {βi : Fi ◦ H ⇒ Gi ◦ H | i ∈ I}, there exists a unique functor (H, {βi }i∈I ) : C → Subeq((Fi , Gi )i∈I ) such that J ◦(H, {βi }i∈I ) = H 2

and

αi ◦(H, {βi }i∈I ) = βi

(i ∈ I).

In [23], subequalizers are shown to coincide with inserters, a special kind of weighted limit, in the 2-category Cat. This allows the author to generalize the models of RL, building them over arbitrary 2-categories and even enriched categories.


17

Schematically, the following diagram must be commutative: A ? J Subeq(Fj , Gj )

Fi α

⇒i J

/ Bi ? Gi

id Bi

/A

O

id A Fi

(H, {βj })

?A

H

β

⇒i

C

H

/ Bi ? id A Gi

/A

The construction of Subeq((Fi , Gi )i∈I ) is quite simple. Its objects are pairs (A, {bi }i∈I ) with A an object in A and bi : Fi (A) → Gi (A) a morphism in Bi . Morphisms a : (A, {bi }i∈I ) → (A0 , {b0i }i∈I ) are morphisms a : A → A0 in A such that for each i ∈ I, Gi (a) ◦ bi = b0i ◦ Fi (a). The functor J is just projection into the first component. The natural transformations αj are defined by αj (A, {bi }i∈I ) = bj (j ∈ I). Then, given an RL-theory R = (Σ, E, L, Γ), an R-system S is a category S together with: • a (Σ, E)-algebra structure given by a family of functors {fS : S n → S | f ∈ Σn , n ∈ IN} satisfying the equations E, i.e., for any t(x1 , . . . , xn ) = t0 (x1 , . . . , xn ) in E we have an identity of functors tS = t0S , where the functor tS is defined inductively from the functors fS in the obvious way. • for each rewrite rule r : [t(x)] → [t0 (x)] if [a1 (x)] → [b1 (x)] ∧ . . . ∧ [am (x)] → [bm (x)] in Γ, a natural transformation rS : tS ◦ JS ⇒ t0S ◦ JS , where JS : Subeq((ajS , bjS )1≤j≤m ) → S n is the subequalizer functor.

18


An R-homomorphism F : S → S 0 between two R-systems is then a functor F : S → S 0 such that • it is a Σ-algebra homomorphism, i.e., F ◦ fS = fS 0 ◦ F n , for each f in Σn , n ∈ IN, and • “F preserves Γ”, i.e., for each rewrite rule r : [t(x)] → [t0 (x)] if C in Γ we have the identity of natural transformations F ◦ rS = rS 0 ◦ F • , where F • : Subeq(CS ) → Subeq(CS 0 ) is the unique functor induced by the universal property of Subeq(CS 0 ) by the composition functor Fn

J

S Subeq(CS ) −→ S n −→ S 0

n

and the natural transformations F ◦ αj , 1 ≤ j ≤ m, where the condition C has m rewrites [aj ] → [bj ], and αj is the jth natural transformation associated to the subequalizer Subeq(CS ). That is, the following diagram must commute: ?S JS

tS

n r

S ⇒

JS

Subeq(ajS , bjS )

/S ? t0S

/ Sn

F

Fn tS 0

F•

/ S0 ? F n t0S 0

0n S ?

JS 0

Subeq(ajS 0 , bjS 0 )

rS 0

⇒

/ S0

JS0

Despite the somewhat complicated definition of F • , its behaviour on objects is quite simple; it is given by the equation n

n

F • (C , cm ) = (F n (C ), F m (cm )). This defines a category R-Sys in the obvious way.

§5. An Entailment System for CRWL?

19

A sequent [t(x1 , . . . , xn )] → [t0 (x1 , . . . , xn )] is satisfied by a R-system S if there exists a natural transformation α : tS ⇒ t0S between the functors tS , t0S : S n → S. We use the notation S |= [t(x1 , . . . , tn )] → [t0 (x1 , . . . , xn )]. With respect to this definition of satisfaction, the proof calculus is sound and complete [21]. Completeness is obtained by means of an initial model construction.

§5.

An Entailment System for CRWL?

According to the data presented in Section 3 (theories, derivability, rewriting calculus) we can try to associate an entailment system to CRWL. The category of signatures is immediately obtained, as it is not difficult to check that composition of signature morphisms is associative. Nevertheless, it is not so clear how to define the functor sen : Sign → Set. Following the definitions in Section 3 we have three natural possibilities (together with their combinations): assigning to each signature the set of all its conditional rewrite rules, or the set of all its reduction statements, or the set of its approximation statements. The last two options are too limited because they would only allow unconditional theories; the first one poses (at least at first sight) the problem of defining how to derive a conditional rule within the calculus. For the time being, let us associate to each signature the corresponding set of conditional rewrite rules (it is also Juan Miguel Molina’s choice in his thesis [24], in order to define an institution associated to CRWL). For a reduction statement ϕ let us define Γ ` ϕ if and only if ϕ can be derived from Γ using BRC. Then, no matter what the definition of Γ ` ϕ is when ϕ is conditional, we won’t have an entailment system. The reason is that the relation ` is not transitive (even for regular rules, i.e., those which do not introduce new variables in the righthand side of the rewriting relation). For example, let Σ be a signature with CΣ = ∅, c, d ∈ FΣ0 , h ∈ FΣ1 . Then, bearing in mind that h(c) → h(⊥) is always provable (with rules B and MN on page 11), { c → h(c), h(x) → h(d), h(x) → h(d) ⇐ x ./ x, } ` c → h(d) { c → h(c), h(x) → h(d) ⇐ x ./ x } ` h(x) → h(d), but { c → h(c), h(x) → h(d) ⇐ x ./ x } 6` c → h(d).

20

§5. An Entailment System for CRWL?

The first statement is proved by instantiating h(x) → h(d) with ⊥ and applying transitivity (note that c cannot be used to instantiate this rule, as it is not a term); for the second, simply instantiate h(x) → h(d) ⇐ x ./ x with x. The third statement is formally proved by induction on derivations; let us just note that the crucial point is that the rule h(x) → h(d) ⇐ x ./ x cannot be instantiated with ⊥. This proves that we are not going to be able to build an entailment system based on the CRWL rewriting calculus, as any sensible one should contain, at least, the conditional rewrite rules among its sentences. We will have, however, an entailment system corresponding to the institution that will be associated to CRWL in Section 13. The previous example is no longer a counterexample due to the peculiar relationship between derivability (`) and satisfaction (|=) in CRWL, reflected in the following results which are proved in [14]: • If ϕ is a reduction or a joinability statement, Γ `CRWL ϕ implies that (A, η) |= ϕ, for every A |= Γ and every totally defined valuation η. • If ϕ is an approximation or a joinability statement, the previous implication becomes an equivalence. This way, the soundness and completeness results are partial since they limit the type of the sentences (for completeness) as well as the type of the valuations (for both of them). Restricting the notion of satisfaction to totally defined valuations so as to strengthen the previous theorems does not seem to work, as every model of Γ must satisfy all the rules under any valuation. In fact, defining Γ |= ϕ in the usual way, that is, Γ |= ϕ if and only if for every model A of Γ we have A |= ϕ (this definition does not appear in [14]) it turns out that the CRWL rewriting calculus is neither sound nor complete, as the following examples, in which c, h ∈ FΣ , show: • Regarding soundness, { h(x) → c ⇐ x ./ x } ` h(x) → c but { h(x) → c ⇐ x ./ x } 6|= h(x) → c. The first statement is immediate; for the second just consider the CRWLalgebra A with D A = {⊥, a1 , a2 } and ordering ⊥ v a1 v a2 , cA = ha2 i and hA (x) = hxi. • Regarding completeness, { h(x) → x } |= h(c) → c but { h(x) → x } 6` h(c) → c. Given a model A of { h(x) → x } and a ∈ cA , we have a ∈ hA (a) ⊆ hA (cA ), and so cA ⊆ hA (cA ) and A |= h(c) → c. On the other hand, it can be proved by induction on the derivation that if { h(x) → x } ` h(c) → e, then either e = ⊥, or e = h(⊥), or e = h(c).

§6. An Entailment System for RL

§6.

21

An Entailment System for RL

We treat here the version of RL which uses unconditional, unsorted equational logic as its underlying equational logic. We can try to associate to it an entailment system and the obvious choice would be to take as Sign the category of equational theories; then, sen would assign to a signature the set of its associated conditional rewrite rules, and ` would be given by derivation in the RL-calculus. Unfortunately, the fact that conditional rewrite rules are not derivable in the calculus of Section 4.2 causes that the reflexivity property (see page 6) that any entailment system must verify, does not hold. A way out of this problem would be to change the definition of sen so that only unconditional rewrite rules were associated to a signature, and unc . Another possibility would be to this actually produces an entailment system ERL extend the original proposal, defining derivability for conditional rules. The latter will be our main task for the rest of this section. Note that not only is derivability undefined for conditional rules, but also is satisfaction. However, we would like to rest on a natural definition of satisfaction to support the claim that our extended notion of derivability is a suitable one. Taking the definition of R-system as guide, we say that a conditional rewrite rule [t(x)] → [t0 (x)] if [a1 (x)] → [b1 (x)] ∧ . . . ∧ [am (x)] → [bm (x)], is satisfied by an R-system S if there exists a natural transformation α : tS ◦ JS ⇒ t0S ◦ JS , where JS : Subeq((ajS , bjS )1≤j≤m ) → S n . Much more about this topic will be discussed in Section 14. For the moment we will just use it to justify our definition of derivability of conditional rules. Given an RL-theory R = (Σ, E, L, Γ) and a set of variables X, we define R(X) = (Σ(X), E, L, Γ0 ) where Σ(X) is the set of function symbols obtained by adding the elements of X as constants to Σ, and Γ0 is obtained from Γ by renaming with fresh variables. We then have the following 6.1 Proposition Let R be an RL-theory and [t(x)] → [t0 (x)] if [a1 (x)] → [b1 (x)] ∧ . . . ∧ [am (x)] → [bm (x)] a conditional rewrite rule; then, the following statements are equivalent: 1. R |= [t(x)] → [t0 (x)] if [a1 (x)] → [b1 (x)] ∧ . . . ∧ [am (x)] → [bm (x)]; 2. R(x) ∪ {[a1 (x)] → [b1 (x)], . . . , [am (x)] → [bm (x)]} |= [t(x)] → [t0 (x)]; 3. R(x) ∪ {[a1 (x)] → [b1 (x)], . . . , [am (x)] → [bm (x)]} ` [t(x)] → [t0 (x)].

22


Proof. Statements 2 and 3 are equivalent by the soundness and completeness of the RL-calculus [21]. We will now prove that 1 implies 2 and then, that 3 implies 1. To see that 1 ⇒ 2, let S be an R(x) ∪ {[a1 (x)] → [b1 (x)], . . . , [am (x)] → [bm (x)]}system. There exist, therefore, morphisms hj : aj (x)S → bj (x)S

j = 1, . . . , m.

Since in this context t(x) and t0 (x) (as well as all the aj (x) and bj (x)) are ground terms, we only need to find a morphism t(x)S → t0 (x)S to prove that S |= [t(x)] → [t0 (x)]. For that, S can also be considered an R-system and so, by hypothesis, there exists a natural transformation α : tS ◦ JS ⇒ t0S ◦ JS , where JS : Subeq((ajS , bjS )1≤j≤m ) → S n . Because of the hj , 1 ≤ j ≤ m, and noting that aj (x)S = ajS (xS ) (and analogously for bj ), the interpretation xS of the variables x in S belongs to the subequalizer: (xS , h) ∈ Subeq((ajS , bjS )1≤j≤m ). But then α(xS , h) is the required morphism. For the implication 3 ⇒ 1, given an R-system S we will prove by induction on the derivation that S |= [t(x)] → [t0 (x)] if [a1 (x)] → [b1 (x)] ∧ . . . ∧ [am (x)] → [bm (x)]. According to the last rule of deduction employed: • RF. It must be [t] = [t0 ] and the result is immediate. • CG. If

[t1 ] → [t01 ] . . . [tp ] → [t0p ] , [f (t1 , . . . , tp )] → [f (t01 , . . . , t0p )]

we have, by the induction hypothesis, S |= [ti ] → [t0i ] if [a1 ] → [b1 ] ∧ . . . ∧ [am ] → [bm ]

1 ≤ i ≤ p,

and there exist natural transformations αi : tiS ◦ JS ⇒ t0iS ◦ JS

1 ≤ i ≤ p,

where JS : Subeq((ajS , bjS )1≤j≤m ) → S n . Let (s, m) ∈ Subeq((ajS , bjS )1≤j≤m ); if we define α(s, m) = fS (α1 (s, m), . . . , αp (s, m)), we obtain a natural transformation α : f (t1 , . . . , tp ) ◦ JS ⇒ f (t01 , . . . , t0n ) ◦ JS and the result is proved. Some warning words are in order here. In JS :


23

Subeq((ajS , bjS )1≤j≤m ) → S n , the n appearing as superscript depends on the actual number of variables in the sentence [ti ] → [t0i ] if [a1 ] → [b1 ] ∧ . . . ∧ [am ] → [bm ] and, although the aj and bj are fixed, this is not the case for ti and t0i and so the n may vary with each i. This would imply that also the category Subeq((ajS , bjS )1≤j≤m ) could vary, as its objects are pairs whose first component is an object of S n , and then the definition of α given above would no longer be valid. However, this is only a technical nuisance because the extra variables that ti and t0i may add are simply ignored by the functors ajS and bjS , and everything could be made to fit properly by using projection functors that would preserve the natural transformations. This same remark applies to the remaining cases, too. • TR. If we have

[t] → [t0 ] [t0 ] → [t00 ] [t] → [t00 ]

then, by induction hypothesis, there exist natural transformations α1 : tS ◦ JS ⇒ t0S ◦ JS

and α2 : t0S ◦ JS ⇒ t00S ◦ JS ,

where JS : Subeq((ajS , bjS )1≤j≤m ) → S n . Then, the composition α2 ◦ α1 gives the result. • RP. We will distinguish two cases: 1. The rule employed is one of the [aj (x)] → [bj (x)]. Since the terms are ground we must have . [aj (x)] → [bj (x)] But in this case, S |= [ai ] → [bi ] if [a1 ] → [b1 ] ∧ . . . ∧ [am ] → [bm ] follows because the own construction of the subequalizer produces a natural transformation αj : ajS ◦ JS ⇒ bjS ◦ JS . 2. For some rule [l(y)] → [r(y)] if [u1 (y)] → [v1 (y)] ∧ . . . ∧ [uq (y)] → [vq (y)] in R, we have [w1 ] → [w10 ] . . . [wp ] → [wp0 ] [u1 (w/y)] → [v1 (w/y)] . . . [uq (w/y)] → [vq (w/y)] . [l(w/y)] → [r(w0 /y)] By the induction hypothesis there exist natural transformations 0 ◦ JS αi : wiS ◦ JS ⇒ wiS

1 ≤ i ≤ p,

and βi : ui (w)S ◦ JS ⇒ vi (w)S ◦ JS

1 ≤ i ≤ q,

24

§6. An Entailment System for RL where JS : Subeq((ajS , bjS )1≤j≤m ) → S n . Since S is an R-system, there also exists a natural transformation γ : lS ◦ JS0 ⇒ rS ◦ JS0 where JS0 : Subeq((ujS , vjS )1≤j≤q ) → S p . We now need to find a natural transformation α : l(w)S ◦ JS ⇒ r(w0 )S ◦ JS . For that, let (s, m) ∈ Subeq((ajS , bjS )1≤j≤m ); due to the morphisms βi (s, m) it turns out that (wS (s), β(s, m)) belongs to Subeq((ujS , vjS )1≤j≤q ) and we can define α(s, m) = rS (α(s, m)) ◦ γ(wS (s), β(s, m)), which finishes the proof.

2

A straightforward consequence of the previous proposition is a sound and complete extension of the RL-calculus with the following rule of deduction: 5. Implication introduction (II). R(x) ∪ {[a1 (x)] → [b1 (x)], . . . , [am (x)] → [bm (x)]} ` [t(x)] → [t0 (x)] . R ` [t(x)] → [t0 (x)] if [a1 (x)] → [b1 (x)] ∧ . . . ∧ [am (x)] → [bm (x)] We can now focus again on the main purpose of this section. For that, we associate c = (Sign, sen, `) given by: to RL the entailment sytem ERL • Sign: the category of equational theories and theory morphisms; • sen: the functor assigning to an equational theory the set of all its associated conditional rewrite rules, and mapping a theory morphism to its natural extension to rewrite rules; • ` is defined, for a set Γ of (Σ, E) sentences, as derivation for the corresponding RL-theory in the extended RL-calculus. c = (Sign, sen, `) is an entailment system. 6.2 Proposition ERL

Proof. The fact that composition of signature morphisms is associative (for equational logics in general, and for our unsorted and unconditional case in particular) is all that is needed to check that Sign is a category and sen a functor. Regarding the properties that ` must satisfy: 1. reflexivity: Simply use the rule RP (combined with II for conditional rules).

§7. Simulating CRWL in RL

25

2. monotonicity: Immediate by the definition of the entailment relation. 3. transitivity: Assume Γ ` ϕi for all i ∈ I and Γ ∪ {ϕi | i ∈ I} ` ψ. The easiest way to prove Γ ` ψ is by resorting to the soundness and completeness of the RL-calculus. Let S be a Γ-system, so S |= ϕi for all i ∈ I. Therefore Γ can also be considered a Γ ∪ {ϕi | i ∈ I}-system and then S |= ψ. 4. `-translation: Suppose Γ ` ϕ. Given a theory morphism H, it is proved by induction on the derivation that sen(H)(Γ) ` sen(H)(ϕ). The only nontrivial case is the one corresponding to RP and we illustrate it with an unconditional rule. If, for some [t(x)] → [t0 (x)] ∈ Γ, we have Γ ` [w1 ] → [w10 ] . . . Γ ` [wn ] → [wn0 ] Γ ` [t(w/x)] → [t0 (w0 /x)] then, by the induction hypothesis, sen(H)(Γ) ` sen(H)([wi ] → [wi0 ]) for i = 1, . . . , n, and, as sen(H)([t] → [t0 ]) = [H(t)] → [H(t0 )] belongs to sen(H)(Γ), the results follows by applying RP. 2 Before finishing, it should be emphasized that throughout this section no mention at all has been made of the labels in an RL-theory. They could have been safely included within the signature part; however, they do not play any role as far as the entailment relation is concerned and, if only for ease of exposition, we have preferred to omit then. This situation will change drastically when we shift to models and try to assign an institution to RL; then, we will be forced to distinguish between labelled and unlabelled sentences, as described in Section 14.

§7.

Simulating CRWL in RL

As there does not exist an entailment system associated to CRWL, it is clear that we are not going to be able to define an entailment system map between CRWL and RL. However, in this section, we show a method to simulate the behaviour of CRWL in RL. As pointed out in the last paragraph of the previous section, the set of labels of an RL-theory does not take part in the entailment process, and so it is omitted; the same convention will also be adopted in Sections 8 and 11. Since rules in CRWL can only be instantiated with terms and not expressions, we will need to be able to distinguish between them in RL in order to apply the rules correctly. For this, variables in CRWL need to be represented in RL and we will use constants for that. Let us assume then that variables in CRWL are given by a countably infinite set V = {v0 , v1 , . . .} whereas variables in RL come from another

26


set X = {x0 , x1 , . . .}, with V ∩ X = ∅. Occasionally, we will also use v ∈ V and x, y, z ∈ X . A rewrite in CRWL will be simulated through a binary relation R (technically, as only functions exist, a binary function), so that e → e0 in CRWL if and only if R(e, e0 ) → true in RL. In a similar way, ./ will be used to simulate joinability statements. More precisely, let Σ be a signature with constructors; we associate to it the following RL-theory (Σ0 , E 0 , Γ0 ): • Σ0 = CΣ ∪ FΣ ∪ {tterm, pterm, pexpr, true, ⊥, ./, R} ∪ V . The function symbols tterm, pterm and pexpr are unary and check whether their argument is a total or a partial term, or an expression; ⊥ and the elements of V are constants for the bottom and the variables in CRWL; R and ./ are binary; for ./, infix notation will be used. • E 0 = ∅. • In Γ0 we have: tterm(vi ) → true (∀vi ∈ V) tterm(h(x1 , . . . , xn )) → true if tterm(x1 ) → true ∧ . . . ∧ tterm(xn ) → true (∀h ∈ CΣn , n ∈ IN) pterm(⊥) → true pterm(vi ) → true (∀vi ∈ V) pterm(h(x1 , . . . , xn )) → true if pterm(x1 ) → true ∧ . . . ∧ pterm(xn ) → true (∀h ∈ CΣn , n ∈ IN) pexpr(⊥) → true pexpr(vi ) → true (∀vi ∈ V) pexpr(h(x1 , . . . , xn )) → true if pexpr(x1 ) → true ∧ . . . ∧ pexpr(xn ) → true (∀h ∈ CΣn ∪ FΣn , n ∈ IN) to select terms, and x ./ y → true if R(x, z) → true ∧ R(y, z) → true ∧ tterm(z) → true R(x, ⊥) → true if pexpr(x) → true R(x, x) → true if pexpr(x) → true R(x, y) → true if R(x, z) → true ∧ R(z, y) → true R(h(x1 , . . . , xn ), h(y1 , . . . , yn )) → true if R(x1 , y1 ) → true ∧ . . . ∧ R(xn , yn ) → true (∀h ∈ CΣn ∪ FΣn , n ∈ IN) corresponding to rules J, B, RF, TR, MN in BRC, respectively (check page 11). It is not necessary to include pexpr explicitly in all the rules because these conditions can be derived as logical consequences.


27

To every rule l(v) → r(v) ⇐ a1 (v) ./ b1 (v), . . . , am (v) ./ bm (v) over Σ, we associate the following rule in RL over (Σ0 , E 0 ) R(l(x), r(x)) → true if a1 (x) ./ b1 (x) → true ∧ . . . ∧ am (x) ./ bm (x) → true ∧ pterm(x1 ) → true ∧ . . . ∧ pterm(xn ) → true, where each CRWL variable vi (a constant in the RL-theory) has been substituted by the variable xi . This last rule corresponds with the reduction rule R on page 11, and the condition that (program) rules in CRWL can only be instantiated with terms is taken care of by demanding pterm(x) → true for all the variables appearing in it. Similarly, for the joinability rule it is now tterm that is entrusted with picking only those expressions representing total terms. Given a CRWL-theory T = (Σ, Γ), we write α(T ) for the RL-theory obtained by adding the translation of every rule in Γ to the theory associated to Σ. The following proposition ensures us that the translation is correct. 7.1 Proposition Given a CRWL-theory T = (Σ, Γ) such that α(T ) = (Σ0 , E 0 , Γ0 ), then, if l, r, a, b ∈ TΣ0 (X ): l, r ∈ Expr⊥ (Σ, V) and T `CRWL l → r a, b ∈ Expr⊥ (Σ, V) and T `CRWL a ./ b

⇐⇒ ⇐⇒

α(T ) `RL R(l, r) → true α(T ) `RL a ./ b → true.

To prove the previous proposition we will need the following lemmas. The first one states some simple facts. 7.2 Lemma Let T = (Σ, Γ) be a CRWL-theory, α(T ) = (Σ0 , E 0 , Γ0 ) and e, e0 ∈ TΣ0 (X ). 1. If α(T ) `RL e → e0 and e ∈ Expr⊥ (Σ, V) or e0 ∈ Expr⊥ (Σ, V), then e = e0 . 2. If α(T ) `RL tterm(e) → e0 , then either e0 is true or tterm(e00 ) for some e00 such that α(T ) `RL e → e00 . Proof. Both facts are proved by structural induction on the derivation. In the first case, if the last rule applied is, for example, CG, we have e1 → e01 . . . en → e0n , f (e1 , . . . , en ) → f (e01 , . . . , e0n )


28

and by the induction hypothesis ei = e0i , 1 ≤ n ≤ n, and so f (e1 , . . . , en ) = f (e01 , . . . , e0n ). Note that RP cannot be the last rule employed. In the second case it is necessary to prove first, also by induction, that true only rewrites to itself. Then, for example, if the last rule employed is TR, tterm(e) → e00 e00 → e0 , tterm(e) → e0 we have by induction hypothesis that either e00 = true, in which case e0 must be also true, or e00 = tterm(e000 ) with α(T ) `RL e → e000 , and then the results follows by the induction hypothesis (and the transitivity of RL). 2 7.3 Lemma If T = (Σ, Γ) is a CRWL-theory, α(T ) = (Σ0 , E 0 , Γ0 ) and e ∈ TΣ0 (X ), then: 1. e ∈ Term(Σ, V) ⇐⇒ α(T ) `RL tterm(e) → true, 2. e ∈ Term⊥ (Σ, V) ⇐⇒ α(T ) `RL pterm(e) → true, 3. e ∈ Expr⊥ (Σ, V) ⇐⇒ α(T ) `RL pexpr(e) → true. Proof. 1. The ⇒ part is immediate, by structural induction on e. For the ⇐ part we use induction on the derivation; we have to study the last rule applied: • RF, CG are not possible. • RP. The only conditional rules that can be applied are the ones associated to tterm. For the first one there is nothing to prove, as V ⊆ Term(Σ, V); for the second, the result follows from the induction hypothesis and the definition of Term(Σ, V). • TR. In this case we have, for some e0 ∈ TΣ0 (X ), tterm(e) → e0 e0 → true . tterm(e) → true By Lemma 7.2, e0 must be either true or tterm(e00 ), with α(T ) `RL e → e00 . The first case is immediate. For the second one, the induction hypothesis applied to α(T ) `RL tterm(e00 ) → true gives us e00 ∈ Term(Σ, V) and, again by Lemma 7.2, e = e00 . 2. Facts 2 and 3 are proved in an analogous way.

2


29

Proof of Proposition 7.1. Both directions are proved by induction on the derivation, studying the last rule applied. For the ⇒ part, • B. We have T `CRWL l → ⊥. As l ∈ Expr⊥ (Σ, V), by the previous lemma it is α(T ) `RL pexpr(l) → true so, by the first rule associated to R, we have α(T ) `RL R(l, ⊥) → true. • RF. By the previous lemma, α(T ) `RL pexpr(l) → true, so the result follows by applying the second rule associated to R. • TR. We have

T `CRWL l → t T `CRWL t → r . T `CRWL l → r

By induction hypothesis, α(T ) `RL R(l, t) → true and α(T ) `RL R(t, r) → true, and by the third rule associated to R we can derive α(T ) `RL R(l, r) → true. • MN. Similarly to TR. • J. From T `CRWL a → t T `CRWL b → t T `CRWL a ./ b

t ∈ Term(Σ, V),

we get, by induction hypothesis, α(T ) `RL R(a, t) → true and α(T ) `RL R(b, t) → true, and by the previous lemma α(T ) `RL tterm(t) → true, so we can apply the rule associated to ./ to reach the result. • R. As the rules in CRWL can only be instantiated with partial terms, it is the case that the conditions of the form pterm(xi ) → true in the translation of the CRWL-rule are satisfied; by induction hyphotesis, the others are also satisfied, so we get the result. For the converse ⇐, • RF, CG are not possible. • TR. Suppose α(T ) `RL R(l, r) → e α(T ) `RL e → true . α(T ) `RL R(l, r) → true (The case for a ./ b is analogous.) By induction on the derivation of α(T ) `RL R(l, r) → e and using the fact that true only rewrites to itself, it follows

§8. Simulating RL in CRWL

30

easily that that e must be either true, or R(l0 , r 0 ) with α(T ) `RL l → l0 and α(T ) `RL r → r 0 . In the first case the result follows immediately; in the second, by induction hypothesis, l0 , r 0 ∈ Expr⊥ (Σ, V) and T `CRWL l0 → r 0 , and by Lemma 7.2 we have l = l0 and r = r 0 . • RP. The result follows because the rules associated to R reflect faithfully the behaviour of BRC. For example, if α(T ) `RL a → a0 α(T ) `RL b → b0 α(T ) `RL c → c0 α(T ) `RL R(a, c) → true α(T ) `RL R(b, c) → true α(T ) `RL tterm(c) → true , α(T ) `RL a ./ b → true then c ∈ Term(Σ, V) by the Lemma 7.3, and T `CRWL a → c and T `CRWL b → c by the induction hypothesis so, applying J, T `CRWL a ./ b. 2

§8.

Simulating RL in CRWL

We could try to simulate RL in CRWL and, for that, function symbols in RL would be mapped to constructor symbols in CRWL and unconditional rules would suffer no transformation at all. However, conditions in rewrite rules would pose a problem since conditions in CRWL are somewhat more restricted than conditions in RL. To overcome this difficulty we will represent, as in Section 7, the rewriting relation in RL through a binary relation (function) R in CRWL, so that t → t0 in RL if and only if R(t, t0 ) → true in CRWL. It still remains the question of rewriting modulo a set of equations. This situation will be treated by transforming each equation t = t0 into the rewrites t → t0 and t0 → t. More precisely, given a signature (Σ, E) in RL we associate to it a CRWL-theory over the signature Σ0 with CΣ0 = Σ ∪ {true} and FΣ0 = {R}, with true and R of arities 0 and 2, respectively. Here it is not necessary to represent variables in RL as constants in CRWL, and we will use the same set X of variables for both logics. The rules in the theory are R(x1 , x2 ) → true ⇐ x1 ./ x2 , R(x, y) → true ⇐ R(x, z) ./ true, R(z, y) ./ true, and, for each f ∈ Σn , n ∈ IN, R(f (x1 , . . . , xn ), f (y1 , . . . , yn )) → true ⇐ R(x1 , y1 ) ./ true, . . . , R(xn , yn ) ./ true, mimicking the reflexivity, transitivity and congruence rules in the RL-calculus, together with R(t, t0 ) → true, R(t0 , t) → true,


31

for every t = t0 ∈ E. The goal of the condition in the rule corresponding to reflexivity is to avoid instantiating it with terms containing ⊥, which have no meaning in RL. A conditional rewrite rule [l] → [r] if [a1 ] → [b1 ] ∧ . . . ∧ [am ] → [bm ] over (Σ, E) in RL is then translated to R(l, r) → true ⇐ R(a1 , b1 ) ./ true, . . . , R(am , bm ) ./ true, where l, r, ai , bi are arbitrary members of [l], [r], [ai ] and [bi ], respectively. In fact, the previous definitions must be slightly modified due to some technical details. In a conditional rewrite rule l → r ⇐ C in CRWL, l must be linear, and it is obvious that with the above definitions this property is not ensured for the translation of equations and rewrite rules; therefore, those rules must be “linearised” (see [2, 1]). The linearised version of a conditional rewrite rule l → r ⇐ C is given by l0 → r ⇐ C, Cl , where l0 and Cl are calculated as follows: For every variable x appearing k > 1 times in l, its j-th occurrence, 2 ≤ j ≤ k is substituted by a new variable yj and x ./ yj is added to Cl . Moreover (and this is simply a characteristic of our translation), even when a variable x appears only once, x ./ x will be added to the conditional part so that x cannot be instantiated with a partial term. The treatment of linearised rules in the rest of the section, though rigorous, will not be too formal. In what follows, we write β(T ) for the CRWL-theory associated to a RL-theory T . 8.1 Proposition If (Σ0 , E 0 ) is the CRWL theory corresponding to a signature (Σ, E) in RL and if t, t0 ∈ TΣ (X ), then E ` t = t0

=⇒

E 0 `CRWL R(t, t0 ) → true

and

E 0 `CRWL R(t0 , t) → true .

Proof. By induction on the derivation of E ` t = t0 . The rules of a deduction system for equational logic typically include rules of reflexivity, symmetry, transitivity, congruence, and substitutivity, similar to those appearing in Section 9.1. Let us just consider the case of the substitutivity rule. We have θ(t1 ) = θ(t2 )

(t1 = t2 ) ∈ E,

for some assignment θ : X → TΣ (X ). Associated to t1 = t2 we have the linearised versions of the two rules R(t1 , t2 ) → true and R(t2 , t1 ) → true in E 0 and, as TΣ (X ) ⊆ Term⊥ (Σ0 , X ), we can instantiate them with θ (mapping those x which arose in the linearization process to the same term as the original variable) to obtain the result. 2 With this in hand we are ready to prove the first half of the main proposition.

32


8.2 Proposition Given any RL-theory T = (Σ, E, Γ), and l, r ∈ TΣ (X ): T `RL [l] → [r]

=⇒ ⇐⇒

(∃l0 ∈ [l], ∃r 0 ∈ [r]) β(T ) `CRWL R(l0 , r 0 ) → true (∀l0 ∈ [l], ∀r 0 ∈ [r]) β(T ) `CRWL R(l0 , r 0 ) → true.

Proof. Let us first prove the equivalence. There is nothing to prove from right to left; in the opposite direction the result is a consequence of the previous proposition and the β(T )-rule R(x, y) → true ⇐ R(x, z) ./ true, R(z, y) ./ true. Now we prove the first implication by induction on the derivation, according to the last rule used: • RF. T `RL [l] → [l], and the result follows by instantiating R(x1 , x2 ) → true ⇐ x1 ./ x2 with l and l. • CG. From

T `RL [l1 ] → [r1 ] . . . T `RL [ln ] → [rn ] T `RL [f (l1 , . . . , ln )] → [f (r1 , . . . , rn )]

and the induction hypothesis, β(T ) `CRWL R(li0 , ri0 ) → true for some li0 ∈ [li ], ri0 ∈ [ri ], 1 ≤ i ≤ n. Then, using the rule R(f (x1 , . . . , xn ), f (y1 , . . . , yn )) → true ⇐ R(x1 , y1 ) ./ true, . . . , R(xn , yn ) ./ true, we get β(T ) `CRWL f (l10 , . . . , ln0 ) → f (r10 , . . . , rn0 ), verifying f (l10 , . . . , ln0 ) ∈ [f (l1 , . . . , ln )] and f (r10 , . . . , rn0 ) ∈ [f (r1 , . . . , rn )]. • TR. From

T `RL [l] → [t] T `RL [t] → [r] T `RL [l] → [r]

and the induction hypothesis, β(T ) `CRWL l0 → t0 and β(T ) `CRWL t00 → r 0 , with l0 ∈ [l], t0 , t00 ∈ [t] and r 0 ∈ [r]. Then, due to the equivalence just proved, β(T ) `CRWL l → t and β(T ) `CRWL t → r and we get the result using the translation of the transitivity rule. • RP. We have, for some [l(x)] → [r(x)] if [a1 (x)] → [b1 (x)] ∧ . . . ∧ [am (x)] → [bm (x)] in Γ, T `RL

T `RL [w1 ] → [w10 ] . . . T `RL [wn ] → [wn0 ] [a1 (w/x)] → [b1 (w/x)] . . . T `RL [am (w/x)] → [bm (w/x)] . T `RL [l(w/x)] → [r(w0 /x)]

By induction hypothesis, there exists a0i ∈ [ai (w/x)], b0i ∈ [bi (w/x)] such that β(T ) `CRWL R(a0i , b0i ) → true for i = 1, . . . , m. Again by the equivalence, β(T ) `CRWL R(ai (w/x), bi (w/x)) → true, for i = 1, . . . , m. We can then use the linearised version of R(l, r) → true ⇐ R(a1 , b1 ) ./ true, . . . , R(am , bm ) ./ true, substituting all variables which arose from the same one during the linearisation process with the same wi (so that the conditions x ./ x, x ./ yj


33

are trivially verified), to arrive at β(T ) `CRWL R(l(w/x), r(w/x)) → true. In a similar way, β(T ) `CRWL R(wi , wi0 ) → true, i = 1, . . . , n, is also obtained, and repeated aplication of the translation of the transitivity rule would show, first, that β(T ) `CRWL R(r(w/x), r(w0 /x)) → true, and then β(T ) `CRWL R(l(w/x), r(w0 /x)) → true, as desired. 2 Our next goal will be to prove the converse of the last proposition. However, more care is needed here since, for example, an equation of the form x ∗ 0 = 0 will allow us to derive R(true ∗ 0, 0) → true. Even more bizarre derivations are possible by repeated application of transitivity, like, for example, R(R(true, true), true) → true. To prove that these sequents, however, do not allow us to derive anything new in CRWL, we concentrate first on some preliminary results. The next one is proved by an easy induction for each fact in the statement: 8.3 Lemma Let T = (Σ, E, Γ) be a RL-theory, β(T ) = (Σ0 , Γ0 ), and e, e1 , . . . , en ∈ Expr⊥ (Σ0 , X ) expressions in CRWL. Then: 1. If β(T ) `CRWL ⊥ → e, then e = ⊥; 2. For all x ∈ X , if β(T ) `CRWL x → e, then either e = ⊥ or e = x; 3. If β(T ) `CRWL R(e1 , e2 ) → e, then either e = ⊥, or e = true, or e = R(e01 , e02 ) with β(T ) `CRWL ei → e0i , i = 1, 2; 4. For every f ∈ CΣ0 , if β(T ) `CRWL f (e1 , . . . , en ) → e then either e = ⊥, or e = f (e01 , . . . , e0n ) with β(T ) `CRWL ei → e0i for some e0i ∈ Expr⊥ (Σ0 , X ), i = 1, . . . , n. 2 In what follows this lemma will be used mostly without explicit reference to it: for example, when deducing β(T ) `CRWL R(t, t0 ) → true from β(T ) `CRWL R(t, t0 ) ./ true. 8.4 Lemma If T is an RL-theory and β(T ) = (Σ0 , Γ0 ), then: 1. For all e, e0 ∈ Expr⊥ (Σ0 , X ), if β(T ) `CRWL e → e0 and e0 is total, then e is total; 2. For all t ∈ Term⊥ (Σ0 , X ), e0 ∈ Expr⊥ (Σ, X ), if β(T ) `CRWL t → e0 and e0 is total, then t = e0 ; 3. For all t, t0 ∈ Term⊥ (Σ0 , X ), if β(T ) `CRWL t ./ t0 , then t is total and t0 = t.


34 Proof.

1. Induction on the last rule of the derivation. B and J are not possible; RF is immediate; for TR, if e → e00 e00 → e0 e → e0 then, by induction hypothesis, e00 is total, and again by induction hypothesis e is total. MN similarly. For R we have to distinguish all these cases: • If R(x1 , x2 ) → true ⇐ x1 ./ x2 has been used, then e = R(e1 , e2 ) and β(T ) `CRWL e1 → t, β(T ) `CRWL e2 → t for some t, total, have been previously obtained in the derivation. By induction hypothesis, both e1 and e2 are total and so is e. • If a rule of the form R(f (x1 , . . . , xn ), f (y1 , . . . , yn )) → true ⇐ R(x1 , y1 ) ./ true, . . . , R(xn , yn ) ./ true or R(x, y) → true ⇐ R(x, z) ./ true, R(z, y) ./ true has been used, the result follows by induction hypothesis. • If the last rule applied has been one of those corresponding to equations or rewrite rules then e = R(l, r) and a condition of the form x ./ x or x ./ yj for every variable appearing in it must have been satisfied. If x has been instantiated with t, then those conditions imply that β(T ) `CRWL t → t0 for some total t0 , so by induction hypothesis t is total, and so will be the expression e. 2. By 1, t ∈ Term(Σ0 , X ). By structural induction on t: • t = x, then e0 = ⊥ (absurd) or e0 = x and the result holds; • t = f (t1 , . . . , tn ), then either e0 = ⊥ (absurd) or e0 = f (e01 , . . . , e0n ) with β(T ) `CRWL ti → e0i . In this last case, by induction hypothesis, ti = e0i for i = 1, . . . , n and so t = e0 . 3. There exists t00 ∈ Term(Σ0 , X ) with β(T ) `CRWL t → t00 and β(T ) `CRWL t0 → t00 , and by 2, t = t00 = t0 . 2 8.5 Proposition Let T = (Σ, E, Γ) be an RL-theory, β(T ) = (Σ0 , Γ0 ), and let l, r ∈ Term⊥ (Σ0 , X ). If β(T ) `CRWL R(l, r) → true then l, r ∈ Term(Σ0 , X ) (equivalently, l, r ∈ TΣ∪{true} (X )) and (Σ ∪ {true}, E, Γ) `RL [l] → [r]. Proof. By Lemma 8.4(1), l, r ∈ Term(Σ0 , X ). For the second part, we proceed by induction on the proof of β(T ) `CRWL R(l, r) → true. The last rule applied must have been TR or R.


35

• For TR we have β(T ) `CRWL R(l, r) → e β(T ) `CRWL e → true . β(T ) `CRWL R(l, r) → true If e = true the result follows by induction hypothesis. Otherwise it must be e = R(l0 , r 0 ), total by Lemma 8.4(1), with β(T ) `CRWL l → l0 and β(T ) `CRWL r → r 0 , so by Lemma 8.4(2) l = l0 , r = r 0 and the result holds by induction hypothesis. • For R there are five different cases. Recall that rules in CRWL are instantiated with members of Term⊥ (Σ0 , X ). 1. If β(T ) `CRWL l ./ r , β(T ) `CRWL R(l, r) → true then by Lemma 8.4(3) l = r so (Σ ∪ {true}, E, Γ) `RL [l] → [r]. 2. If β(T ) `CRWL R(l, t) ./ true β(T ) `CRWL R(t, r) ./ true , β(T ) `CRWL R(l, r) → true we have by induction hypothesis (Σ ∪ {true}, E, Γ) `RL [l] → [t] and (Σ ∪ {true}, E, Γ) `RL [t] → [r], so (Σ ∪ {true}, E, Γ) `RL [l] → [r] by transitivity of RL. 3. For the translation of the congruence rule the result also follows immediately by the induction hypothesis. 4. The result is obtained using a (linearised) rule associated to an equation t = t0 ∈ E. The conditions of the form x ./ x and x ./ yj in the rule together with Lemma 8.4(3) imply that all the variables which arose from the same one must have been instantiated with the same element of Term(Σ0 , X ). This way E ` l = r, so [l] = [r] and (Σ ∪ {true}, E, Γ) `RL [l] → [r] by reflexivity of RL. 5. If the last rule applied is one of those associated to an element of Γ then, as in the previous case, all variables have been instantiated properly and the result is proved applying the induction hypothesis. 2

8.6 Proposition Given any RL-theory T = (Σ, E, Γ), and l, r ∈ TΣ (X ): T `RL [l] → [r]

⇐⇒ ⇐⇒

(∃l0 ∈ [l], ∃r 0 ∈ [r]) β(T ) `CRWL R(l0 , r 0 ) → true (∀l0 ∈ [l], ∀r 0 ∈ [r]) β(T ) `CRWL R(l0 , r 0 ) → true.

§9. Introducing Types

36

Proof. By Propositions 8.2 and 8.5, it is enough to see that if (Σ ∪ {true}, E, Γ) `RL [l] → [r] then (Σ, E, Γ) `RL [l] → [r]. The easiest way of proving this implication is by using the completeness of the RL calculus. Let S be a (Σ, E, Γ)-system. If S is the empty category, then S |=Σ [l] → [r] trivially. Otherwise, let us define trueS to be any object in the category. With this definition S is clearly a (Σ ∪ {true}, E, Γ)-system, so S |=Σ∪{true} [l] → [r]. But then S |=Σ [l] → [r] also under Σ, as desired. 2

§9.

Introducing Types

We will now examine the versions of CRWL and RL which make use of types. For CRWL we will consider the extension presented in [2, 1], while for RL we will use membership equational logic as underlying equational logic, and refer to it as MERL from now on. Paralleling what happened in the unsorted case, an entailment system can be associated to MERL, but not to the extension of CRWL. Let us briefly review the basic characteristics of these new logics.

9.1. Membership equational logic Membership equational logic is an expressive version of equational logic. A full treatment of its syntax and semantics can be found in [22, 5]. Here we define only those notions that will be needed later on, borrowing from [22]. A signature in membership equational logic is a triple Ω = (K, Σ, S) with K a set of kinds, Σ a K-kinded signature and S = {Sk }k∈K a pairwise disjoint K-kinded family of sets. We call Sk the set of sorts of kind k. The pair (K, Σ) is what is usually called a many-sorted signature of function symbols; however, we call the elements of K kinds because each kind k now has a set Sk of associated sorts. Also, we denote by TΣ (X )k the set of terms of kind k with variables in a set X . The atomic formulae of membership equational logic are either equations t = t0 , where t and t0 are Σ-terms of the same kind, or membership assertions of the form t : s, where the term t has kind k and s ∈ Sk . Sentences are Horn clauses on these atomic formulas, that is, sentences of the form i. (∀X ) t = t0 ⇐ a1 = b1 ∧ . . . ∧ am = bm ∧ w1 : s1 ∧ . . . ∧ wp : sp , ii. (∀X ) t : s ⇐ a1 = b1 ∧ . . . ∧ am = bm ∧ w1 : s1 ∧ . . . ∧ wp : sp ,


37

where X is a K-kinded set containing all the variables appearing in t, t0 (resp. t) and the ai , bi and wi . The semantics of membership equational logic can be defined in a similar way to that of many-sorted logic; now, in addition, the sorts will be interpreted in the models as subsets of the carrier for the kind. As far as we are concerned, however, we only need to know that given a theory (Ω, E), the following set of rules of deduction is sound and complete (see [22]). 1. Reflexivity. For each t ∈ TΣ (X ), E ` (∀X ) t = t

.

2. Symmetry. E ` (∀X ) t = t0 . E ` (∀X ) t0 = t 3. Transitivity. E ` (∀X ) t = t0 E ` (∀X ) t0 = t00 . E ` (∀X ) t = t00 4. Congruence. For each f : k1 . . . kn → k in Σ and terms ti , t0i ∈ TΣ (X )ki , 1 ≤ i ≤ n, E ` (∀X ) t1 = t01 . . . E ` (∀X ) tn = t0n . E ` (∀X ) f (t1 , . . . , tn ) = f (t01 , . . . , t0n ) 5. Membership. E ` (∀X ) t = t0 E ` (∀X ) t : s . E ` (∀X ) t0 : s 6. Modus ponens. Given a sentence (∀X ) t = t0 ⇐ a1 = b1 ∧ . . . ∧ am = bm ∧ w1 : s1 ∧ . . . ∧ wp : sp (resp. (∀X ) t : s ⇐ a1 = b1 ∧ . . . ∧ am = bm ∧ w1 : s1 ∧ . . . ∧ wp : sp ) in the set E of axioms, and given a K-kinded assignment θ : X → TΣ (Y), then E ` (∀Y) θ(ai ) = θ(bi ) 1 ≤ i ≤ m E ` (∀Y) θ(t) = θ(t0 )

E ` (∀Y) θ(wj ) : sj 1 ≤ j ≤ p . (resp. (∀Y) θ(t) : s)

38


9.2. Algebraic CRWL The extension of CRWL defined in [2, 1] adds polymorphic types to the original version, as well as algebraic datatypes; it is called Algebraic Constructor-based ReWriting Logic and denoted by ACRWL. (Note that there also exists an extension of CRWL with higher-order functional types, described in [15], which is not considered here.) For the following presentation we borrow from [3, 2]. Let TC = n≥0 TC n be a countable ranked alphabet of type constructors, and TV a countable set of type variables α, β, . . . Polymorphic types τ ∈ TTC (TV ) are built as τ ::= α | T (τ, . . . , τ ), where T ∈ TC n and α ∈ TV . A polymorphic signature Σ is a triple hTC Σ , CΣ , FΣ i, where TC Σ is a set of type constructors, and CΣ and FΣ are sets of type declarations h : (τ1 , . . . , τn ) → τ0 for data constructors and defined function symbols, respectively. In addition, no overloading is allowed in CΣ ∪ FΣ , and elements of CΣ satisfy the following transparency property: all type variables in τ1 , . . . , τn also appear in τ0 . The types given by the declarations in CΣ ∪ FΣ are called principal types. We write Σ⊥ for the signature obtained from Σ by adding to it the constructor ⊥ :→ α. S

Assuming another countably infinite set of data variables X we build partial expressions e ∈ Expr⊥ (Σ, X ) as e ::= x | h(e, . . . , e), where h : (τ1 , . . . , τn ) → τ0 ∈ CΣ⊥ ∪FΣ and x ∈ X . The set of partial terms Term⊥ (Σ, X ) is obtained by using only symbols in CΣ⊥ . Analogously, removing the constructor ⊥ :→ α the sets of total expressions and terms are obtained. A data substitution is a function mapping data variables to partial terms. A data substitution δ is safe for a term s ∈ Term(Σ, X ) if δ(x) is total for every variable x appearing more than once in s. An environment is defined as a set V of type-annotated data variables x : τ , such that V does not include two different annotations for the same variable. The following rules of inference are used to determine whether an expression has a type with respect to V : V `x:τ

if x : τ ∈ V

and

V ` e1 : τ1 . . . V ` en : τn , V ` h(e1 , . . . , en ) : τ0

where h : (τ1 , . . . , τn ) → τ0 is an instance of the principal type of h in the signature. A partial expression e is said to have type τ with respect to V if V ` e : τ . An equational axiom is a sentence of the form s ≈ t, where s and t are total terms. If s and t share the same variables, s ≈ t is said to be regular ; if, in addition, s, t ∈ / X, the equational axiom is strongly regular. A strongly regular equational axiom s ≈ t is well-typed if there exists an environment V such that V ` s : τ and V ` t : τ for some type τ .


39

Program rules are constructor-based rewrite rules for defined functions. More precisely, assuming a principal type declaration f : (τ1 , . . . , τn ) → τ0 ∈ FΣ , a defining rule for f must have the form: f (t1 , . . . , tn ) → r ⇐ a1 ./ b1 , . . . , am ./ bm , where the left-hand side is linear (i.e., without multiple occurrences of variables), ti ∈ Term(Σ, X ), 1 ≤ i ≤ n, r, ai , bi ∈ Expr(Σ, X ), 1 ≤ i ≤ m. The rule is said to be regular if all variables in r also appear in f (t1 , . . . , tn ). Furthermore, the rule is well-typed if there is some environment V such that V ` ti : τi , 1 ≤ i ≤ n, V ` r : τ0 and, for all ai ./ bi , 1 ≤ i ≤ m, there exists some τi0 such that V ` ai : τi0 and V ` bi : τi0 . An ACRWL-program (or theory) P is a triple P = hΣ, C, Γi, where Σ is a polymorphic signature, C a finite set of equational axioms, and Γ a finite set of program rules. A program is said to be regular if all equational axioms in C are strongly regular and all the rules in Γ are regular. A regular program is well-typed if all the equational axioms in C and all the rules in Γ are so. From a given program P two kinds of sentences will be derived: reduction statements e → e0 , and joinability statements e ./ e0 , with e, e0 ∈ Expr⊥ (Σ, X ). For that, the two calculi defined for CRWL, BRC and GORC, are extended with a new rule dealing with equational axioms. The BRC in this new setting consists of the six rules of Section 3 plus the following one: 7. Mutation (MUT). For each s w t ∈ [C]w , s→t

,

where [C]w = {sδ w tδ, tδ0 w sδ0 | s ≈ t ∈ C, δ, δ0 safe substitutions for s and t, respectively}. We say that P entails e → e0 and write P ÀCRWL e → e0 if e → e0 can be obtained by finite application of the BRC-rules. A Polymorphically Typed algebra (PT-algebra) A is given by a 5-tuple (D A , U A , :A , {T A }T ∈TC Σ , {cA }c∈CΣ , {f A }f ∈FΣ ) where D A is a poset, U A is a set (called the universe of types), :A ⊆ D A × U A is a relation such that E(l)A = {d ∈ D A | d :A l} is a cone for every l ∈ U A , T A : (U A )n → U A is a function for each T ∈ TC of arity n, and cA and f A are monotone mappings from (D A )n to C(D A ), with n the arity of the corresponding symbol. In addition, for cA it is also required that for any d1 , . . . , dn ∈ D A there exists d ∈ D A such that cA (d1 , . . . , dn ) = hdi; moreover, d ∈ Def (D A ) in case all di ∈ Def (D A ). A type valuation µ is a function from TV to U A . A data valuation η is a function from X to D A ; η is safe for t ∈ Term⊥ (Σ, X ) if η(x) ∈ Def (D A ) for every x appearing

40

§10. Simulating ACRWL

more than once in t. A valuation is a pair (µ, η) of type and data valuations. With these definitions, denotations of types and expressions are obtained as usual. A PT-algebra A is well-typed if it holds that hA (d1 , . . . , dn ) ⊆ E A ([[τ0 ]]A µ) for all h : (τ1 , . . . , τn ) → τ0 ∈ Σ, every type valuation µ, and any di ∈ E A ([[τi ]]A µ), 1 ≤ i ≤ n. Satisfaction of conditional rewrite rules is defined in the same way as in CRWL. For equational axioms, a PT-algebra A satisfies s ≈ t if, for every valuation ξ = (µ, η), [[s]]A η ⊇ [[t]]A η if η is safe for s, and [[t]]A η ⊇ [[s]]A η if η is safe for t. A is a model of an ACRWL-program if it satisfies all its equational axioms and program rules. A PT-homomorphism F : A → B is given by a pair of mappings (Ft , Fd ), where Ft : U A → U B , and Fd : D A → C(D B ) is monotone and verifies the same conditions as CRWL-homomorphisms. In addition, Ft (T A (l1 , . . . , ln )) = T B (Ft (l1 ), . . . , Ft (ln )) for all T ∈ TC Σ of arity n, and l1 , . . . , ln ∈ U A . A PT-homomorphism F : A → B is well-typed if Fd (E A (l)) ⊆ E B (Ft (l)) for all l ∈ U A .

§10.

Simulating ACRWL

In this section we look back at the results of Sections 7 and 8 and study whether they continue holding when ACRWL is substituted for CRWL. First, we try to simulate the behaviour of ACRWL within RL. Now that we have got types in CRWL the first idea would be to try to use MERL in order to carry out the translation. However, a close look at its rules reveals that types play no role in the BRC. It is proved in [2] that, for a regular and well-typed ACRWL-program P, if P ` e → e0 and V ` e : τ for some environment V and type τ , then V ` e0 : τ . But this result is not guaranteed for programs not verifying these conditions and, even for those which do, there is nothing to prevent us from using BRC to derive a statement e → e0 with e an ill-typed expression. Therefore, the simulation will still take place within the basic framework of unsorted RL. Reflecting the fact that the new rewriting calculus is obtained from the original one by simply adding a new rule of inference, the translation remains exactly the same as the one we defined in Section 7 (and the proof of its soundness would go along the same lines) except that now, for each equational axiom s ≈ t, two new conditional rewrite rules, modelling the behaviour of MUT, have to be added: R(s(x, y), t(x, y)) → true if pterm(x) → true ∧ tterm(y) → true, R(t(x0 , y 0 ), s(x0 , y 0 )) → true if pterm(x0 ) → true ∧ tterm(y 0 ) → true, where y and y 0 are the variables appearing more than once in s and in t, respectively. (So that safe substitutions are taken into account.)

§11. Simulating MERL in CRWL

41

What about the other way around, that is, simulating RL within ACRWL? Obviously, we can simply ignore the new characteristics and employ the pattern described in Section 8 to obtain a correct translation. But one could also think of taking advantage of equational axioms in order to simulate the equational part of an RL-theory. More precisely, an equation t = t0 would be transformed, instead of into two rewrite rules R(t, t0 ) → true and R(t0 , t) → true, into a single equational axiom t ≈ t0 . This way, given an equational theory E, and E 0 the ACRWL-program for its associated set of equational axioms, we would have E ` t = t0

=⇒

E 0 ` t → t0 and E 0 ` t0 → t,

and this result could be used to prove, in much the same way as in Section 8, that for T an RL-theory and T 0 its associated ACRWL-program, T ` [t] → [t0 ]

=⇒

T 0 ` R(t, t0 ) → true.

We conjecture that the converse implication also holds, but have not been able to prove it.

§11.

Simulating MERL in CRWL

As in Section 8, a binary function symbol R will be used to simulate the rewriting relation in CRWL: the goal in mind is having t → t0 in MERL if and only if R(t, t0 ) → true in CRWL. Now, in addition, a binary function symbol I will be needed to represent equality in membership equational logic (t = t0 ⇐⇒ I(t, t0 ) → true), as well as another one M to simulate memberships (t : s ⇐⇒ M (t, s) → true). A further distinction concerns the treatment of variables. CRWL has no types so, given the function symbols of a membership equational signature, we could use them to build more terms than those that we would have in the original logic; e.g., nil + 0, assuming 0 : nat and nil : list in the signature. But the use of such terms would enlarge the set of provable statements in a theory. For example, assume a given signature with two kinds k1 , k2 , an operation f : k1 → k1 and two constants a, b : k2 (sorts play no role): Given the equations (∀x, y) f (x) = f (y) and (∀x, y) x = y ⇐ f (x) = f (y), where x, y are k1 -kinded variables, disregarding well-typed terms we could deduce a = b. So it will be necessary to distinguish somehow the well-typed terms and, for that, we are forced again to represent variables in MERL as constants in CRWL. The task of recognising well-typed terms will be carried out by a binary function symbol wtterm in such a way that wtterm(t, k) → true if and only if the term t has kind k. For the rest of the section we will use V for the set of variables in MERL (it will be a K-kinded set for some set of kinds K) and X for the variables in CRWL.

42


Let then ((K, Σ, S), E) be a MERL signature, i.e., a membership equational logic theory; without loss of generality we can assume that the signature is not ambiguous, so that each term has a unique kind. We associate to it a CRWL-theory with signature Σ0 such that CΣ0 = Σ ∪ {true} ∪ K ∪ S ∪ V and FΣ0 = {wtterm, R, I, M }. For the sake of conceptual clarity and in order to avoid excessive repetition we will write wtterm(x, k) ./ true for wtterm(x1 , k1 ) ./ true, . . . , wtterm(xn , kn ) ./ true, and analogously using R and I instead of wtterm. The first set of rules are used to select the well-typed terms: wtterm(v, k) → true (∀v ∈ V of kind k ∈ K), wtterm(c, k) → true (∀c : k ∈ Σ), wtterm(f (x), k) → true ⇐ wtterm(x, k) ./ true (∀f : k1 . . . kn → k ∈ Σ). The next set of rules are used to simulate the equational calculus: I(x1 , x2 ) → true I(x, y) → true I(x, y) → true I(f (x), f (y)) → true

⇐ ⇐ ⇐ ⇐

x1 ./ x2 , wtterm(x1 , y1 ) ./ true, I(x, z) ./ true, I(z, y) ./ true, I(y, x) ./ true, I(x, y) ./ true, wtterm(x, k) ./ true, (∀f : k1 . . . kn → k) M (y, z) → true ⇐ I(x, y) ./ true, M (x, z) ./ true.

In addition, for every equation (∀W) t(v) = t0 (v) ⇐ a1 (v) = b1 (v) ∧ . . . ∧ am (v) = bm (v) ∧ w1 (v) : s1 ∧ . . . ∧ wp (v) : sp in E, with W ⊆ V containing all variables in v, the following rule is added I(t(x), t0 (x)) → true ⇐ I(a1 (x), b1 (x)) ./ true, . . . , I(am (x), bm (x)) ./ true, M (w1 (x), s1 ) ./ true, . . . , M (wp (x), sp ) ./ true, wtterm(x, k) ./ true, where ki is the kind of vi ; and similarly (replacing I with M ) for memberships. The fact that equations can now be conditional forces us to use a symbol different from R to simulate the equational logic. Otherwise, the effect that we would actually obtain is the weakening of those conditions because it would be enough for a term to rewrite to another, instead of being equationally equal to it, to satisfy them. One could think that there are some conditions of the form wtterm(x, k) ./ true missing in some of the above rules; for example, wtterm(y, k) ./ true in the translation of the monotonicity rule. However, all these conditions follow as logical consequences of the rules and our assumption that no term has two different kinds.


43

Regarding the rewriting logic part, we have the three rules we saw in Section 8, R(x1 , x2 ) → true ⇐ x1 ./ x2 , wtterm(x1 , y1 ) ./ true R(x, y) → true ⇐ R(x, z) ./ true, R(z, y) ./ true, R(f (x), f (y)) → true ⇐ R(x, y) ./ true, wtterm(x, k) ./ true, (∀f : k1 . . . kn → k) and two more R(x, y) → true ⇐ R(x0 , y) ./ true, I(x, x0 ) ./ true, R(x, y) → true ⇐ R(x, y 0 ) ./ true, I(y, y 0 ) ./ true. Now, the translation of a rewrite rule [l(v)] → [r(v)] if [a1 (v)] → [b1 (v)] ∧ . . . ∧ [am (v)] → [bm (v)] is R(l(x), r(x0 )) → true ⇐ R(a1 (x), b1 (x)) ./ true, . . . , R(am (x), bm (x)) ./ true, wtterm(x, k) ./ true, wtterm(x0 , k) ./ true, R(x, x0 ) ./ true, with ki the kind of vi . Besides renaming of variables there is another little difference between this translation and the one used in Section 8: the conditions R(x, x0 ) ./ true. The choice between either alternative is mainly a matter of taste, although the one used here reflects more accurately the rule RP of the RL calculus and simplifies a little bit one case in one of the proofs below. As in Section 8, the conditional rewrite rules corresponding to equations and rewrite rules must be linearised. Here, however, it is not necessary to add a condition x ./ x for those variables appearing just once, because we have already a condition wtterm(x, y). In what follows, we will write δ(T ) for the CRWL-theory associated to a MERLtheory T . We begin by stating some simple results, very much like those of Section 8. 11.1 Lemma Let T be an RL-theory, δ(T ) = (Σ0 , Γ0 ), and let e, e1 , . . . , en be expressions in Expr⊥ (Σ, X ). Then: 1. If δ(T ) `CRWL ⊥ → e, then e = ⊥; 2. For every c ∈ CΣ0 0 , if δ(T ) `CRWL c → e, then either e = ⊥ or e = c; 3. For every f ∈ CΣn0 , n > 0, if δ(T ) `CRWL f (e1 , . . . , en ) → e then either e = ⊥ or e = f (e01 , . . . , e0n ) with δ(T ) `CRWL ei → e0i for some e0i ∈ Expr⊥ (Σ0 , X ), i = 1, . . . , n;


44

4. If δ(T ) `CRWL Q(e1 , e2 ) → e with Q ∈ {R, I, M, wtterm}, then either e = ⊥, or e = true, or e = Q(e01 , e02 ) with δ(T ) `CRWL ei → e0i for some e0i ∈ Expr⊥ (Σ0 , X ), i = 1, 2. 2 11.2 Lemma Let T be an RL-theory with signature ((K, Σ, S), E), δ(T ) = (Σ0 , Γ0 ), and let e, e0 ∈ Expr⊥ (Σ0 , X ). 1. If δ(T ) `CRWL e → e0 and e0 ∈ TΣ (V) ∪ K ∪ S then e = e0 ; 2. If δ(T ) `CRWL e → e0 , e ∈ TΣ (V) and e0 is total, then e = e0 ; 3. If δ(T ) `CRWL e ./ e0 and e ∈ TΣ (V) or e0 ∈ TΣ (V) then e = e0 ; 4. δ(T ) `CRWL wtterm(e, e0 ) → true ⇐⇒ e0 ∈ K and e ∈ TΣ (V)e0 . Proof. 1. Let us study the last rule in the derivation of δ(T ) `CRWL e → e0 . • B and J are not possible. • RF. Trivial. • MN. For constants or members of V, K or S it is immediate. For n-ary functions with n > 0, apply induction hypothesis. • TR. Apply induction hypothesis twice. • R. It is not possible: e0 would be true. 2. Structural induction on e. If e = vi then e0 = ⊥ or e0 = vi and the first option is not possible because e0 is total. If e = f (e1 , . . . , en ) then e0 = ⊥ or e0 = f (e01 , . . . , e0n ) with δ(T ) `CRWL ei → e0i for some e0i ∈ Expr⊥ (Σ0 , X ), i = 1, . . . , n: the first option is not possible and, as each ei must be total, the result follows by induction hypothesis. 3. It follows from 1 and 2. 4. The implication from right to left is proved by structural induction on e. If e = f (e1 , . . . , en ) with f : k1 . . . kn → k ∈ Σ and ei ∈ TΣ (V)ki , then we have δ(T ) `CRWL wtterm(ei , ki ) → true, 1 ≤ i ≤ n by induction hypothesis, and the result follows by applying the rule wtterm(f (x1 , . . . , xn )) → true ⇐ wtterm(x1 , k1 ) ./ true, . . . , wtterm(xn , kn ) ./ true associated to f . The other direction is proved by structural induction on the derivation. There are only two possibilities for the last rule applied: either R or TR. For the first case


45

the result is an easy consequence of the induction hypothesis. Otherwise we have wtterm(e, e0 ) → e00 e00 → true wtterm(e, e0 ) → true for some e00 that must be ⊥, true or wtterm(e1 , e01 ) with δ(T ) `CRWL e → e1 and δ(T ) `CRWL e0 → e01 . The first option is not possible. If it is the second, the induction hypothesis provides the result. In the third case, we have e01 ∈ K and e1 ∈ TΣ (V)e01 by induction hypothesis, and by 1, e = e1 , e0 = e01 . 2 11.3 Proposition Let T be an RL-theory with signature ((K, Σ, S), E), δ(T ) = (Σ0 , Γ0 ), and let t, t0 , s ∈ Expr⊥ (Σ0 , X ): δ(T ) `CRWL I(t, t0 ) → true ⇐⇒ (∃k ∈ K) t, t0 ∈ TΣ (V)k and E ` (∀V) t = t0 δ(T ) `CRWL M (t, s) → true ⇐⇒ (∃k ∈ K) t ∈ TΣ (V)k , s ∈ Sk and E ` (∀V) t : s Proof. Let us prove the left to right implication, by induction on the derivation. The last rule must have been TR or R. In the first case it is I(t, t0 ) → e e → true , 0 I(t, t ) → true with e equal to ⊥, true, or I(t1 , t01 ) for some t1 , t01 such that δ(T ) `CRWL t → t1 and δ(T ) `CRWL t0 → t01 . The first case is not possible; for the second, the induction hypothesis immediately gives the result. For the third one, by induction hypothesis we have t1 , t01 ∈ TΣ (V)k for some k ∈ K and E ` (∀V) t1 = t01 , and then, by Lemma 11.2(1), t = t1 and t0 = t01 . Analogously with M (t, s) in place of I(t, t0 ). Now suppose the last rule applied has been R; we have the following cases: • If it is

t ./ t0

wtterm(t, k) ./ true I(t, t0 ) → true

then, by Lemma 11.2(4), k ∈ K and t ∈ TΣ (V)k and by Lemma 11.2(3) t = t0 , so E ` (∀V) t = t0 . • For the following three rules (corresponding to transitivity, symmetry, and monotonicity) the result is an immediate consequence of the induction hypothesis, recalling that, by assumption, each well-typed term has just one kind. Note that for the monotonicity rule, the conditions wtterm(x, k) ./ true, assure us that t and t0 are well-typed.

46

§11. Simulating MERL in CRWL • If it is

I(t0 , t) ./ true M (t0 , s) ./ true M (t, s) → true

then, by induction hypothesis and because terms have just one kind, t, t0 ∈ TΣ (V)k , s ∈ Sk , E ` (∀V) t = t0 and E ` (∀V) t0 : s, and so we have E ` (∀V) t : s. • For a rule corresponding to an equation or membership simply note that the conditions wtterm(x, k) ./ true together with those x ./ yj resulting from linearising guarantee, by virtue of Lemma 11.2(4,3), that all variables which arose from the same one are instantiated with the same term, and that this has the correct kind. Then the result holds by induction hypothesis. On the other hand, the faithfulness with which the conditional rewrite rules reflect the rules in membership equational logic makes the other implication easy to be proved by induction on the derivation. For example, if the last rule used is reflexivity E ` (∀V) t = t

,

then by Lemma 11.2(4) we have δ(T ) `CRWL wtterm(t, k) → true, and instantiating x1 and x2 with t and y1 with k in I(x1 , x2 ) → true ⇐ x1 ./ x2 , wtterm(x1 , y1 ) ./ true, we get the result. 2 With these results we are already in a position to prove the correctness of the translation. 11.4 Proposition Given any RL-theory T with signature ((K, Σ, S), E) and set of rules Γ, and given l, r ∈ TΣ (V), the following are equivalent: 1. T `RL [l] → [r]; 2. (∃l0 ∈ [l], ∃r 0 ∈ [r]) δ(T ) `CRWL R(l0 , r 0 ) → true; 3. (∀l0 ∈ [l], ∀r 0 ∈ [r]) δ(T ) `CRWL R(l0 , r 0 ) → true. Proof. The equivalence between 2 and 3 holds because of Proposition 11.3 and the rules R(x, y) → true ⇐ R(x0 , y) ./ true, I(x, x0 ) ./ true and R(x, y) → true ⇐ R(x, y 0 ) ./ true, I(y, y 0 ) ./ true. Let us see 1 ⇒ 2, by induction on the derivation of T `RL [l] → [r]. According to the last rule applied, we have:


47

• RF. In this case [l] = [r] and we can take l0 = r 0 = l. • TR. From

T `RL [l] → [t] T `RL [t] → [r] T `RL [l] → [r]

and the induction hypothesis it follows δ(T ) `CRWL R(l0 , t0 ) → true and δ(T ) `CRWL R(t00 , r 0 ) → true for some l0 ∈ [l], r 0 ∈ [r], t0 , t00 ∈ [t]. But then, by the equivalence between 2 and 3, δ(T ) `CRWL R(t0 , r 0 ) → true, and we can deduce δ(T ) `CRWL R(l0 , r 0 ) → true. • CG. Similarly. • RP. We have, for some [l(v)] → [r(v)] if [a1 (v)] → [b1 (v)], . . . , [am (v)] → [bm (v)] in Γ, T `RL

T `RL [w1 ] → [w10 ] . . . T `RL [wn ] → [wn0 ] [a1 (w/v)] → [b1 (w/v)] . . . T `RL [am (w/v)] → [bm (w/v)] . T `RL [l(w/v)] → [r(w0 /v)]

By induction hypothesis, and the equivalence between 2 and 3, δ(T ) `CRWL R(wi , wi0 ) → true for i = 1, . . . , n, and δ(T ) `CRWL R(ai (w/v), bi (w/v)) → true for i = 1, . . . , m. Working with the translated rule, if all variables x corresponding to a variable vi (recall that rules are linearized) are instantiated with wi , and analogously for x0 and wi0 , the conditions of the form x ./ yj , wtterm(x, k) ./ true, are also satisfied and therefore we get δ(T ) `CRWL R(l(w/v), r(w0 /v)) → true. For 2 ⇒ 1, it will be enough to prove that if δ(T ) `CRWL R(l, r) → true then l, r ∈ TΣ (V) and T `RL [l] → [r]. The last rule used in such a derivation must be TR or R. • TR. From δ(T ) `CRWL R(l, r) → e δ(T ) `CRWL e → true δ(T ) `CRWL R(l, r) → true it follows that e is ⊥, true, or R(l0 , r 0 ) with δ(T ) `CRWL l → l0 , δ(T ) `CRWL r → r 0 . The first case is not possible; for true we apply the induction hypothesis; in the third case, by induction hypothesis, l0 , r 0 ∈ TΣ (V) and T `RL [l0 ] → [r 0 ], and by Lemma 11.2(1), l = l0 and r = r 0 . • R. Let us just consider the most complex case, namely, when the translation of one of the rules in Γ is used (the remaining cases are the rules reflecting the

48

§12. Reflection in CRWL and in RL reflexivity, transitivity and congruence of the calculus, as well as the two rules dealing with rewriting modulo the set of equations): R(l(x), r(x0 )) → true ⇐ R(a1 (x), b1 (x)) ./ true, . . . , R(am (x), bm (x)) ./ true, wtterm(x, k) ./ true, wtterm(x0 , k) ./ true, R(x, x0 ) ./ true. The conditions wtterm(x, k) ./ true, wtterm(x0 , k) ./ true ensure that variables are instantiated with terms with the right kind, and the conditions imposed by linearisation (not reflected above) that the necessary identifications are made. Then the result follows by induction hypothesis, applying the replacement rule of RL. 2

§12.

Reflection in CRWL and in RL

Intuitively, a reflective logic is a logic in which important aspects of its metatheory, such as theories and entailment, can be represented and reasoned about in the logic. A general axiomatic notion of reflective logic was recently proposed in [6]. The notion is itself expressed in terms of the notion of an entailment system (see Section 2.2). Given an entailment system E and a nonempty set of theories C in it, a theory U is C-universal if there is a function, called a representation function, ( ` ):

[

({T } × sen(T )) → sen(U ),

T ∈C

such that for each T ∈ C, ϕ ∈ sen(T ), T ` ϕ iff

U ` T ` ϕ.

If, in addition, U ∈ C, then the entailment system E is called C-reflective. Finally, a reflective logic is a logic whose entailment system is C-reflective for C the class of all finitely presentable theories in the logic. Note that in a reflective logic, since U itself is representable, representation can be iterated; hence we immediately have a “reflective tower” T ` ϕ iff

U `T `ϕ

iff

U ` U ` T ` ϕ...

RL has been proved to be reflective in [6, 7, 10] and we will use this result to obtain an analogous one for CRWL. Strictly speaking, the notion of reflection does not

§12. Reflection in CRWL and in RL

49

apply to CRWL as it was observed in Section 5 that it does not have an associated entailment system. Even in the case of RL, except for the original result in [6], which unc presented made use of a slightly restricted version of the entailment system ERL in Section 6, subsequent generalizations do not fit within the formal definition of reflection as they allow conditional sentences on the left of the entailment relation but not on the right. For this reason, in what follows we consider a “loose” definition of reflection (making use of some kind of “weak” entailment system) general enough to encompass all the cases just discussed. Let U be a universal theory for RL; we will use it to prove that CRWL is also reflective. In Sections 7 and 8 we defined mappings α and β that map a theory T in CRWL, respectively in RL, to a theory in RL, respectively in CRWL, which simulates the behaviour of T . By abuse of notation we will also use α and β to name the translation of sequents defined in those sections. (Recall that α(T ) is not obtained by simply applying α to every ϕ ∈ T , and analogously for β.) Then, given an arbitrary CRWL-theory T and a statement ϕ, we have the following chain of equivalences: T `CRWL ϕ

⇐⇒ ⇐⇒ ⇐⇒

α(T ) `RL α(ϕ) U `RL α(T ) ` α(ϕ) β(U) `CRWL β(α(T ) ` α(ϕ)),

which proves that β(U) is universal in CRWL. As it has been pointed out previously, the reflective results about RL have been proved only for special cases. The one we need here is that in which the underlying equational logic is unsorted and the rules are conditional [10]. Moreover, the results presented here allow us to extend the reflective results to the full power of RL with membership equational logic. For that, we can consider that α yields theories in RL over membership equational logic because unsorted equational logic is naturally embeddable in it, and let δ be the function defined in Section 11 such that, for T a MERL-theory, T `RL ϕ ⇐⇒ δ(T ) `CRWL δ(ϕ). Then, for W any universal theory in CRWL, T `RL ϕ ⇐⇒ δ(T ) `CRWL δ(ϕ) ⇐⇒ W `CRWL δ(T ) ` δ(ϕ) ⇐⇒ α(W) `RL α(δ(T ) ` δ(ϕ)), which proves that α(W) is universal in MERL. We can try to develop further these results and, for that, let us take a closer look at the translation of Section 7. It can be seen that the rewriting relation does not play a key role, in the sense that nondeterminism is not involved and it seems that, at most, it forbids the derivation of equalities such as tterm(v0 ) = pexpr(v1 ) that could be obtained if the rewriting rules were substituted by equations. Forgetting about

50


equations for the moment, we can safely move from RL to membership equational logic by substituting the rewriting relation by memberships. More precisely, given a signature Σ with constructors in CRWL we associate to it a membership equational theory ((K, Σ0 , S), Γ0 ) over a signature with just one kind, K = {∗}, and a unique sort S∗ = {true}, and Σ0 = CΣ ∪ FΣ ∪ {tterm, pterm, pexpr, ⊥, ./, R} ∪ V , with tterm, pterm, pexpr, R and ./, binary functions, and ⊥ and the elements of V, constants. The sentences of Γ0 are obtained from the rewrite rules of Section 7 by substituting memberships for the rewrite relation; for example, a rewrite rule like R(x, ⊥) → true if pexpr(x) → true becomes the conditional membership (∀X ) R(x, ⊥) : true ⇐ pexpr(x) : true. Then, given a CRWL-theory T = (Σ, Γ) we associate to it the membership equational theory α0 (T ) resulting from adding to ((K, Σ0 , S), Γ0 ) a conditional membership (∀X ) R(l(x), r(x)) : true ⇐ a1 (x) ./ b1 (x) : true ∧ . . . ∧ am (x) ./ bm (x) : true ∧ pterm(x1 ) : true ∧ . . . ∧ pterm(xn ) : true for every l(v) → r(v) ⇐ a1 (v) ./ b1 (v), . . . , am (v) ./ bm (v) in Γ. (Recall that we had different sets of variables for CRWL and RL.) Then, it can be proved that 12.1 Proposition Given a CRWL-theory T = (Σ, Γ) such that its associated membership equational theory is α0 (T ) = ((K, Σ0 , S), Γ0 ), then, if l, r, a, b ∈ TΣ0 (X ): l, r ∈ Expr⊥ (Σ, V) and T `CRWL l → r a, b ∈ Expr⊥ (Σ, V) and T `CRWL a ./ b

⇐⇒ ⇐⇒

α0 (T ) ` (∀X ) R(l, r) : true α0 (T ) ` (∀X ) a ./ b : true. 2

The proof parallels that of Section 7; we will prove the analogous to Lemmas 7.2 and 7.3, but leave out the proof of the main proposition which it is a bit longer. 12.2 Lemma Let T = (Σ, Γ) be a CRWL-theory, α0 (T ) = ((K, Σ0 , S), Γ0 ), and e, e0 ∈ TΣ0 (X ). If α0 (T ) ` (∀X ) e = e0 , then e = e0 . Proof. Trivial by induction on the derivation, as the only sentences that can be instantiated by modus ponens are memberships. 2 (Note that Lemma 7.2 had a second case which would be trivial here and that, in fact, will not be needed.)


51

12.3 Lemma If T = (Σ, Γ) is a CRWL-theory, α0 (T ) = ((K, Σ0 , S), Γ0 ), and e ∈ TΣ0 (X ), then: 1. e ∈ Term(Σ, V) ⇐⇒ α0 (T ) ` (∀X ) tterm(e) : true, 2. e ∈ Term⊥ (Σ, V) ⇐⇒ α0 (T ) ` (∀X ) pterm(e) : true, 3. e ∈ Expr⊥ (Σ, V) ⇐⇒ α0 (T ) ` (∀X ) pexpr(e) : true. Proof. 1. For the ⇒ part, by structural induction on the expression e: If e = vi the results follows by modus ponens, applying (∀X ) tterm(vi ) : true; if e = h(e1 , . . . , en ) with h ∈ CΣn , from (∀X ) tterm(h(x1 , . . . , xn )) : true ⇐ tterm(x1 ) : true ∧ . . . ∧ tterm(xn ) : true and the induction hypothesis. For the ⇐ part, by induction on the last rule of the derivation: • Reflexivity, symmetry, transitivity, and congruence, are not possible. • Membership. If for some e0 ∈ TΣ0 (X ) α0 (T ) ` e0 = e α0 (T ) ` tterm(e0 ) : true , 0 α (T ) ` tterm(e) : true then, by the induction hypothesis we have e0 ∈ Term(Σ, V) and, by Lemma 12.2, e = e0 . • Modus ponens. The only sentences that can be used are (∀X ) tterm(vi ) : true with vi ∈ V, and (∀X ) tterm(h(x1 , . . . , xn )) : true ⇐ tterm(x1 ) : true ∧ . . . ∧ tterm(xn ) : true with h ∈ CΣn . In the first case there is nothing to prove; in the second, simply apply the induction hypothesis. 2. Facts 2 and 3 are proved in an analogous way.

2

Let then T be a membership equational theory. As T can be seen as a MERL-theory with empty set of rules the result of Proposition 11.3 applies and, given terms t and t0 and W universal in CRWL, we have the following chain of equivalences: T ` (∀X ) t = t0

⇐⇒ ⇐⇒ ⇐⇒

δ(T ) `CRWL I(t, t0 ) → true W `CRWL δ(T ) ` I(t, t0 ) → true α0 (W) ` α0 (δ(T ) ` I(t, t0 ) → true),

and similarly for a membership (∀X ) t : s. These equivalences nearly prove that α0 (W) is universal in membership equational logic. The point missing is that we

§13. An Institution for CRWL

52

have been working with the set X of all variables instead of an arbitrary set of variables containing all those appearing in the terms t and t0 . Without this restriction we would only have a left to right implication instead of the first equivalence because of the well-known complications with quantification in many-sorted equational deduction [13]. While we can always safely add more variables to those in the quantification of a provable sentence, it is possible to find a theory T , terms t and t0 , and a set Y ⊆ X containing all variables in t and t0 such that T ` (∀X ) t = t0 , but T 6` (∀Y) t = t0 ; therefore, from δ(T ) `CRWL I(t, t0 ) → true it does not follow that T ` (∀Y) t = t0 . A way out of this problem would be to consider only signatures with nonempty kinds, so that we could forget about making variables explicit in the equations. Under this assumption, the above chain of equivalences shows that membership equational logic is reflective.

§13.

An Institution for CRWL

We associate to CRWL an institution ICRWL = (Sign, sen, Mod, |=), given by: • Sign: the category of signatures with constructors and signature morphisms, as defined in Section 3; • sen : Sign → Set the functor assigning to each signature Σ the set of all conditional rewrite rules over it, and to each signature morphism, its extension to rewrite rules; • Mod : Signop → Cat the functor assigning to each signature the category of CRWL-algebras and homomorphisms over it, and to each σ : Σ → Σ0 the forgetful functor taking A0 ∈ |Mod(Σ0 )| to the CRWL-algebra A0σ with the 0 0 same underlying poset and such that hAσ = σ(h)A for all h ∈ Σ, and which is the identity over homomorphisms; • |= the satisfiability relation in CRWL. In [24], a restricted version of this institution (although more suitable for the study of modules intended there) is assigned to CRWL. Our own definition is also presented there, but no proofs of its correction are given. Also in [24] a weaker version of the following proposition, in which signatures share the same constructor symbols and signature morphisms are the identity over them, is proved. 13.1 Proposition Let σ : Σ → Σ0 be a signature morphism and let A0 ∈ |Mod(Σ0 )| be a CRWL-algebra. Then, for every expression e ∈ Expr⊥ (Σ, X ) and every valuation η over A0 , 0 0 [[σ(e)]]A η = [[e]]Aσ η.


53

Proof. Structural induction on e. For e = x it is trivial because σ(x) = x. If 0 0 e = h(e1 , . . . , en ) with h ∈ CΣn ∪ FΣn , then we have [[σ(ei )]]A η = [[ei ]]Aσ η, 1 ≤ i ≤ n, by induction hypothesis, and 0

0

[[σ(h(e1 , . . . , en ))]]A η = = = =

[[σ(h)(σ(e1 ), . . . , σ(en ))]]A η 0 0 0 σ(h)A ([[σ(e1 )]]A η, . . . , [[σ(en )]]A η) 0 0 0 hAσ ([[e1 ]]Aσ η, . . . , [[en ]]Aσ η) 0 [[h(e1 , . . . , en )]]Aσ η. 2

13.2 Proposition ICRWL is an institution. Proof. It is immediate to see that Sign is a category and sen is a functor. For Mod, we must first check that it is well defined over signature morphisms. Let σ : Σ → Σ0 be a signature morphism, A0 , B 0 ∈ |Mod(Σ0 )|, and F : A0 → B 0 a homomorphism. Is F = Mod(σ)(F ) a homomorphism from A0σ to Bσ0 ? 0

0

0

0

• for all u ∈ D Aσ = D A , there is v ∈ D Bσ = D B such that F (u) = hvi, because F : A0 → B 0 is a homomorphism; • F (⊥A0σ ) = F (⊥A0 ) = ⊥B0 = ⊥Bσ0 ; 0

0

0

0

0

0

• for all c ∈ CΣn , ui ∈ DAσ : F (cAσ (u1 , . . . , un )) = F (σ(c)A (u1 , . . . , un )) = 0 0 σ(c)B (F (u1 ), . . . , F (un )) = cBσ (F (u1 ), . . . , F (un )); • for all f ∈ FΣn , u1 ∈ D Aσ : F (f Aσ (u1 , . . . , un )) = F (σ(f )A (u1 , . . . , un )) ⊆ 0 0 σ(f )B (F (u1 ), . . . , F (un )) = f Bσ (F (u1 ), . . . , F (un )). It is easy to see that Mod preserves identities and composition, so Mod is indeed a functor. It only remains to prove that the satisfaction condition is verified. Let σ : Σ → Σ0 be a signature morphism, A0 ∈ |Mod(Σ0 )|, and ϕ ∈ sen(Σ). We have to prove that A0 |= σ(ϕ) ⇐⇒ A0σ |= ϕ. By Proposition 13.1,

0

0

[[e]]Aσ η = [[σ(e)]]A η for every e ∈ Expr⊥ (Σ, X ) and valuation η. Let ϕ = e → e0 be a reduction statement. Then, for any valuation η, 0

0

(A0 , η) |= σ(ϕ) ⇐⇒ [[σ(e0 )]]A η ⊆ [[σ(e)]]A η 0 0 ⇐⇒ [[e0 ]]Aσ η ⊆ [[e]]Aσ η ⇐⇒ (A0σ , η) |= ϕ,

54


and analogously for ϕ a joinability statement. Now, if l → r ⇐ C is a conditional rewrite rule, it follows that A0σ |= C ⇐⇒ A0 |= σ(C) and A0σ |= l → r ⇐⇒ A0 |= σ(l → r), and thus the satisfaction condition is indeed verified. 2 We will now study some of the properties of this institution. First of all, every category of models has products. The construction make explicit below is the standard one, though a bit obscure due to its generality in order to deal with infinite products and the own characteristics of CRWL. 13.3 Proposition If T = (Σ, Γ) is a CRWL-theory, the category Mod(T ) has products. Proof. Let I be a set and {Ai | i ∈ I} a family of CRWL-algebras in Mod(T ). We Q define their product i∈I Ai by • The poset D ΠAi = {a : I → a(i) v a0 (i) for all i ∈ I;

S

i∈I

D Ai | a(i) ∈ Ai }, with a v a0 if and only if

• For all f ∈ FΣn , the function f ΠAi (a1 , . . . , an ) = i∈I f Ai (a1 (i), . . . , an (i)) = {a ∈ D ΠAi | a(i) ∈ f Ai (a1 (i), . . . , an (i)) for all i ∈ I}; Q

• For all c ∈ CΣn , the function cΠAi (a1 , . . . , an ) = i∈I cAi (a1 (i), . . . , an (i)) = {a ∈ D ΠAi | a(i) ∈ cAi (a1 (i), . . . , an (i)) for all i ∈ I}. Q

Clearly, D ΠAi is a poset, the bottom being the function mapping each i ∈ I to the bottom in Ai . If a ∈ f ΠAi (a1 , . . . , an ) and a0 v a then, for all i ∈ I we have a0 (i) v a(i) ∈ f Ai (a1 (i), . . . , an (i)) and, as f Ai (a1 (i), . . . , an (i)) is a cone, it must be a0 (i) ∈ f Ai (a1 (i), . . . , an (i)) and thus f ΠAi (a1 , . . . , an ) is a cone too. Besides, it is easy to check that f ΠAi is monotone. For c ∈ CΣn it turns out that cΠAi (a1 , . . . , an ) = hai, where cAi (a1 (i), . . . , an (i)) = ha(i)i for all i ∈ I. Therefore Q i∈I Ai is well-defined.

We also have to prove that i∈I Ai satisfies Γ. The proof follows along the same Q lines as the previous paragraph. An element a is maximal in i∈I Ai if and only if it is the product of maximal elements in Ai , i.e., a(i) is maximal in Ai for all Q i ∈ I. Valuations in i∈I Ai are products of valuations in Ai . For every expression e and valuations ηi : X → Ai , it is easily proved by structural induction that Q Q Q [[e]]ΠAi i∈I ηi = i∈I [[e]]Ai ηi . But then i∈I Ai satisfies a reduction or a joinability Q statement if and only if every Ai satisfies it, and therefore i∈I Ai satisfies Γ. Q

Finally, i∈I Ai has the universal property required for products. The projecQ tions Pj : i∈I Ai → Aj , defined as Pj (a) = ha(j)i, are CRWL-homomorphisms. Q

§13. An Institution for CRWL Clearly Pj is monotone and, for example, given c ∈ CΣn , a1 , . . . , an ∈ cAj (a1 (j), . . . , an (j)) = hvj i for some vj ∈ Aj , then Pj (cΠAi (a1 , . . . , an )) = = = = =

Q

i∈I

55

Ai , and if

S {ha(j)i | a ∈ cΠAi (a1 , . . . , an )} S ΠAi Ai

{ha(j)i | a ∈ D , a(i) ∈ c (a1 (i), . . . , an (i))} hvj i cAj (a1 (j), . . . , an (j)) cAj (Pj (a1 ), . . . , Pj (an )),

and so Pj preserves constructors. Given B ∈ Mod(T ) and homomorphisms Fi : Q B → Ai , the unique homomorphism G : B → i∈I Ai such that Pi ◦ G = Fi for Q every i ∈ I is given by G(b) = i∈I Fi (b). Uniqueness is clear, G is element-valued Q because an ideal in i∈I Ai is a product of ideals in Ai , and preservation of functions and constructors follows without difficulty. 2 Mod(T ) is not complete, however, as in Section 16 it is shown that, in general, Mod(T ) does not have equalizers. The institution associated to CRWL in [24] was proved to be semiexact there. This result can be generalized to our case. 13.4 Proposition ICRWL is a semiexact institution. Proof. We first prove that the category Sign has pushouts. For that, let Σ0 , Σ1 and Σ2 be signatures and let σ1 : Σ0 → Σ1 and σ2 : Σ0 → Σ2 be signature morphisms. For simplicity of notation and without loss of generality, in what follows we assume Σ1 and Σ2 to be disjoint (renaming if necessary). The construction for the pushout is analogous to that of pushouts in Set: we consider the union—it would have been the disjoint union if we had not supposed Σ1 and Σ2 to be disjoint—of Σ1 and Σ2 (keeping constructors and function symbols separate) and identify σ1 (h) with σ2 (h) for all h ∈ Σ0 . Schematically, Σ0

σ1

σ2

- Σ1

µ1 ?

Σ2

µ2

? - Σ3 = (Σ1 ∪ Σ2 )/ ≡

where ≡ is the least equivalence relation in Σ1 ∪ Σ2 verifying σ1 (h) ≡ σ2 (h), and µ1 and µ2 take each element to its quotient class. Note that only symbols with the same arity can be related. The proof that Σ3 is the pushout is the same as that in Set.

56


Let us now check that Mod takes a pushout in Sign into a pullback in Cat. The diagram Mod(Σ3 )

Mod(µ2 )

Mod(µ1 )

- Mod(Σ2 )

Mod(σ2 ) ?

Mod(Σ1 )

Mod(σ1 )

? - Mod(Σ0 )

commutes, because it is obtained by applying a functor to a commutative diagram. To see that it satisfies the universal property of pullbacks, let C be a category and F1 : C → Mod(Σ1 ), F2 : C → Mod(Σ2 ) be functors such that Mod(σ1 ) ◦ F1 = Mod(σ2 ) ◦ F2 . We have to find a unique functor F : C → Mod(Σ3 ) such that Mod(µ1 ) ◦ F = F1 and Mod(µ2 ) ◦ F = F2 . For that, if c ∈ |C|, let us consider the algebras A1 = F1 (c) and A2 = F2 (c). Due to the hypothesis, Mod(σ1 )(A1 ) = Mod(σ2 )(A2 ) so, by the definition of Mod over signature morphisms, the underlying posets of A1 and A2 coincide. We can then define F (c) to be the algebra A3 given by • D A3 = D A1 = D A2 , • for every [h] ∈ Σ3 , [h]A3 = hA1 if h ∈ Σ1 , or [h]A3 = hA2 if h ∈ Σ2 . In order to see that A3 is well-defined let ∼ be the relation defined over Σ1 ∪ Σ2 by A1 1 h1 ∼ h2 ⇐⇒ hA 1 = h2 A2 2 if h1 , h2 ∈ Σ2 , h1 ∼ h2 ⇐⇒ hA 1 = h2   A1 2 if h1 ∈ Σ1 , h2 ∈ Σ2 , h1 ∼ h2 ⇐⇒ h1 = hA 2 .

   if h1 , h2 ∈ Σ1 ,

It is easy to check that ∼ is an equivalence relation and that, as Mod(σ1 )(A1 ) = Mod(σ2 )(A2 ), σ1 (h) ∼ σ2 (h) for all h ∈ Σ0 . Then, by definition, the relation ≡ is included in ∼. Given [h] ∈ Σ3 and h1 ∈ [h], i.e., h ≡ h1 , it follows that h ∼ h1 and 2 assuming (without loss of generality) that h ∈ Σ1 and h1 ∈ Σ2 , we have hA1 = hA 1 and therefore [h]A3 is well-defined. [h] for some h ∈ Σ1 ∪ Σ2 , A3 is well-defined. Over morphisms, as Mod(σ1 ) and Mod(σ2 ) are, by definition, the identity, we have by the hypothesis that F1 and F2 are equal and we define F to coincide with them: F so defined is actually a functor. Besides, for all h ∈ Σ1 hMod(µ1 )(A3 ) = µ1 (h)A3 = [h]A3 = hA1 and it follows that Mod(µ1 ) ◦ F = F1 ; analogously Mod(µ2 ) ◦ F = F2 . The uniqueness of F is immediate taking the definitions of Mod(µ1 ) and Mod(µ2 ) into account. 2

§14. An Institution for RL

§14.

57

An Institution for RL

We again turn our atention to the version of RL which has unsorted and unconditional equational logic as underlying logic. The task of assigning an institution to it will prove to be harder than expected; we begin discussing the most obvious possibilities and the difficulties they pose. The first idea is to define the category of signatures Sign and the functor sen in the same way as in the entailment system of Section 6; that is, Sign would be the category of equational theories and theory morphisms, and sen the functor assigning to an equational theory the set of all its associated conditional rewrite rules. The choice for the functor Mod : Signop → Cat is not so obvious, but a possible one would be to map a signature (Σ, E) to the category R-Sys, where R is the RLtheory over (Σ, E) with empty set of rules; its behaviour over morphisms would be the expected one. But as soon as we face the notion of satisfaction, problems start to arise. As discussed in Section 6 satisfaction in RL is only defined for unconditional rules, and there are at least two ways, both of them seemingly correct, in which this notion can be extended to conditional rewrite rules. The first possibility would be to define, given an R-system S, S |= [t] → [t0 ] if [a1 ] → [b1 ] ∧ . . . ∧ [am ] → [bm ] if S |= [ai ] → [bi ] i = 1, . . . , m

=⇒

S |= [t] → [t0 ].

The other alternative is that already presented in Section 6, namely S |= [t] → [t0 ] if [a1 ] → [b1 ] ∧ . . . ∧ [am ] → [bm ] if there exists a natural transformation α : tS ◦ JS ⇒ t0S ◦ JS , where JS : Subeq((ajS , bjS )1≤j≤m ) → S n . The first option looks very natural, but the second one is more in accordance with the spirit of R-systems: which one should we choose? Before thinking of the answer to this question we should ask ourselves whether these two definitions are actually nonequivalent. In this regard it is not hard to show that the second definition implies the first one, but that the converse does not hold is proved by the following counterexample. Assume an RL-theory R with Σ = {c, d, f, g}, c and d constants and f and g unary functions, and with empty sets of equations and rules. Let S be the R-system given by a discrete category with just two objects A and B, and the following interpretation for the elements of Σ: cS = A, dS = B, fS = id S , gS the constant functor equal to

58


B. Clearly, there does not exist a natural transformation fS ⇒ gS and so, using the first definition, S trivially satisfies the conditional rule c → d if f (x) → g(x). On the other hand, as the subequalizer of fS and gS is not the empty category (the pair (B, id B ) belongs to it) and no morphism from cS to dS exists, S is not a model of c → d if f (x) → g(x) under the second definition. Therefore we are forced to choose between one of the two options, the second one being more restrictive than the first one. Meseguer’s idea when defining RL was to build an instance of a categorical logic. In a categorical logic, the notion of satisfaction is more restrictive than in a classical one in the “constructive” sense that all the syntactic elements of a sentence must be reified inside any of its models; this is precisely the role played by the subequalizer in the second definition. This comment, in addition to the definition of R-systems (and the existence of a sound and complete calculus), supports the choice of this second alternative as our definition of satisfaction for conditional rewrite rules. After all the discussion in the preceding paragraphs we are finally left with a proposed institution for RL; however, this definition is not entirely satisfactory. Up to this point we have omitted any explicit mention of the set of labels of an RL-theory. Cannot we simply consider it a part of the signature, as pointed out when defining c ? Not here. Due to the set of labels L in an RL-theory the entailment system ERL R = (Σ, E, L, Γ), the elements of Γ become special, labelled rewrite rules. These rules force R-systems to have a certain internal structure: not only R-systems must satisfy them, but also must associate to them a distinguished natural transformation that—in addition to the operations in the signature—must be preserved by homomorphisms. And this structure cannot be imposed by the set of labels alone (as there is no information about the source or the target in the label itself), but in conjunction with Γ. In our proposed institution, however, this structure is not considered because we have defined Mod(Σ, E) = (Σ, E, ∅, ∅)-Sys. In particular, homomorphisms are not subjected to preserve any rewrite rule and, for Γ a set of rewrite rules and R the RL-theory given by (omitting labels) (Σ, E, Γ), the categories R-Sys and Mod(Γ) turn out to be different, in opposition to our original intention. Even if equality with R-Sys were not a primary concern, the category Mod(Γ) would still be unsatisfactory since it doesn’t follow one of the “sacred” principles in algebraic specification: the existence of initial objects. To see this consider a signature consisting of just two constants a and b, and Γ = {a → b}. A category S with two objects A and B interpreting a and b, and two morphisms m and n from A to B, is an element of Mod(Γ); mapping m to n and n to m we obtain a homomorphism F : S → S. If I were an initial object in Mod(Γ), there should exist a morphism h : aI → bI in I, and a (unique) homomorphism G : I → S preserving the operations in Σ. But then, aI 6= bI and G(h) should be equal to either m or n;


59

composing G with F we would obtain another homomorphism from I to S. The above remarks show that the set of labels cannot be simply discarded, and compel us to find a better definition in which the extra structure provided by labelled rules is taken into account. The obvious step towards this direction is to redefine the functor Mod so that models are endowed with a richer structure. Now, the S objects in Mod(Σ, E) can be the objects in R=(Σ,E,LR ,R) R-Sys (LR is any labelling R⊆sen (Σ,E)

of R); that is, we consider all possible RL-theories R over (Σ, E) and collect the corresponding R-systems. The R-systems in our original definition are included in this new one by taking LR = R = ∅. In addition, now we also consider R-systems with distinguished natural transformations. Regarding morphisms F : S → S 0 in Mod(Σ, E) we have several possibilities. One of them would be just to allow homomorphisms, preserving operations in the signature as well as rewrite rules, between objects S and S 0 belonging to the same category R-Sys. Also, we could relax this condition and allow morphisms F : S → S 0 when S ∈ |R-Sys|, S 0 ∈ |R0 -Sys|, and R ⊆ R0 : the additional structure in S 0 would simply be ignored. We will not consider more possibilities and rest on these two for intuition. Note, however, that the definitions presented here are two different instances of a very general Grothendieck construction. The first one corresponds to a functor G : T → Cat, where T is the discrete category of all RL-theories, mapping R to R-Sys. Enriching T with inclusion morphisms, G can be extended to G0 : T op → Cat by mapping an inclusion R → R0 to the forgetful functor R0 -Sys → R-Sys; its associated Grothendieck construction would give rise to the second alternative. By considering different families of morphisms among the RL-theories, we would obtain different notions of morphism in Mod(Σ, E). Despite all our efforts in the previous paragraph we are still left, essentially, with the same problems we had when we decided to revise our original definition of Mod. Whatever Γ might be, there will be models in Mod(Γ) with no distinguished natural transformations associated to the elements in Γ, just because the notion of satisfaction requires the existence of a natural transformation, but not of a distinguished one. But then again, and in contrast with what happens in R-Sys, homomorphisms between such models are not subjected to preserve the rules in Γ. And the same counterexample as before shows that Mod(Γ) doesn’t have an initial object. Finally, let us consider a third alternative. The last proposal has made it clear that the source of the problem has shifted from the definition of Mod to that of satisfaction. In fact, in this context a new definition of satisfaction naturally arises: S satisfies a rewrite rule if it has a distinguished natural transformation associated to it. Combined with the second definition for morphisms in Mod(Σ, E) above (that in which F : S → S 0 is allowed when S ∈ |R-Sys|, S 0 ∈ |R0 -Sys| and R ⊆ R0 ), since now R-systems in Mod(Γ) have distinguished natural transformations associated to the rules in Γ and homomorphisms must preserve them, at least initial objects in

60


Mod(Γ) are recovered. However, this notion of satisfaction is most restrictive. In order to see why, let us take a closer look at what we understand for distinguished natural transformations in S ∈ Mod(Σ, E). For that we mean a triple consisting of a label r, a rule [t] → [t0 ] if [a1 ] → [b1 ]∧. . .∧[am ] → [bm ], and a natural transformation rS between the appropiate functors. S satisfies a rule if and only if the rule is part of one of the triples associated to S. Consider then a signature Σ with four constants a, b, c, and d, and S ∈ |Mod(Σ, ∅)| with a distinguished natural transformation (r, a → b, rS ): even in the case wherein cS = aS and dS = bS , S doesn’t satisfy c → d. It follows then that an R-system only satisfies as many rewrite rules as distinguished natural transformations has, what seems to be a bit odd. (It could be argued that it is the notion of distinguished natural transformation what is actually restrictive, and that the label, and even the rule, should be removed from the triple. Against this point of view let us note that the same rewrite rule can belong twice to an RL-theory R under two different labels. R-systems are then forced to provide two, possibly different, interpretations—natural transformations—for the same rule, each of them to be preserved by homomorphisms. So, neither the label nor the rule can be discarded in the definition of a distinguished natural transformation.) Summing up the discussion in the previous paragraphs, we began with a naive proposal of institution in which the structure imposed on models by the rewrite rules in an RL-theory was not taken into account. To remedy this, labelled rules were considered and distinguished natural transformations, that should be preserved by homomorphisms, were associated to them in the models. But even then, the notion of satisfaction did not compel models of a rewrite rule to possess a distinguished natural transformation associated to it, and so again homomorphisms were released from the requirement of preserving it. Accordingly, a new definition of satisfaction was proposed that, though solving some of the previous problems, turned out to be very restrictive. And now, what? So far, all our attempts to supply RL with a suitable institution have proved to be unsatisfactory. We started with very simple, seemingly natural definitions, were obliged to progressively complicate them, and ended up discussing the subtleties behind the notion of distinguished natural transformation, far away from our initial ideals of simplicity and naturalness. The source of all the difficulties we found through our way lies at the very heart of RL: models are assigned to theories instead of signatures, as it is customary. This gives rise to the distinction between two types of sentences: labelled rules, belonging to RL-theories and imposing a certain structure on the models, and unlabelled rules. An institution for RL which has as its category of signatures the category of equational theories is not able to reflect this duplicity, and that is why all our previous attempts were bound to failure. For this reason we are led to an institution in which the category Sign subsumes all the information of an RL-theory. More precisely, we propose to associate to RL the institution IRL = (Sign, sen, Mod, |=), where:

§15. An Institution for ACRWL

61

• Sign is the discrete category of RL-theories. • sen : Sign → Set maps each RL-theory to its corresponding set of conditional rewrite rules. • Mod : Signop → Cat maps an RL-theory R to the category R-Sys. • |= is satisfaction in RL, with the extension to conditional rewrite rules involving subequalizers. Since Sign is discrete, this trivially defines an institution. Admittedly, this restriction seems to be not justified. In fact, two types of morphisms of RL-theories are proposed in [20]. Basically, they are equational theory morphisms “preserving” the rules in the RL-theories; however, their formal definition requires the use of 2categorical notions and will not be given here. A complete study of the institution IRL extended with these morphisms will be undertaken in a future occasion. For our purposes, the present definition is general enough as it stands, and its extension would not modify the use we will make of it in Sections 16 and 17. Note also that terminology under this institution can be a bit confusing, as a theory is given by an RL-theory (making use of labelled rules) plus some unlabelled rules.

§15.

An Institution for ACRWL

Analogously to the untyped case, we can associate an institution to ACRWL. There is only one missing ingredient: signature morphisms. Given two polymorphic signatures Σ and Σ0 , we propose to define a polymorphic signature morphism σ : Σ → Σ0 as a triple of functions (denoted with the same σ) σ : TC Σ → TC Σ0 ,

σ : CΣ → CΣ0

and σ : FΣ → FΣ0 ,

mapping n-ary symbols to n-ary symbols. Composition is that of functions; the free extension to types, expressions, program rules and equational axioms, is the obvious one. A signature morphism σ : Σ → Σ0 is well-typed if, for each h : (τ1 , . . . , τn ) → τ0 in Σ, we have σ(h) : (σ(τ1 ), . . . , σ(τn )) → σ(τ0 ) in Σ0 . We can then define IACRWL = (Sign, sen, Mod, |=), where: • Sign is the category of polymorphic signatures and signature morphisms. • sen : Sign → Set associates to each signature the set of conditional rewrite rules and equational axioms over it, and to signature morphisms the corresponding extension.

62

§15. An Institution for ACRWL • Mod : Signop → Cat associates to Σ the category of PT-algebras and homomorphisms over Σ and, to each σ : Σ → Σ0 , the functor Mod(σ) mapping every A0 ∈ |Mod(Σ0 )| to the algebra A0σ with the same underlying poset and 0 0 0 0 universe of types, :Aσ =:A , and for every s ∈ Σ, sAσ = σ(s)A . Mod(σ) is defined to be the identity over PT-homomorphisms. • |= is the satisfaction relation in ACRWL.

15.1 Proposition IACRWL is an institution. Proof. Since composition of functions is associative, Sign is a category and sen is a functor. To see that Mod is well defined over signature morphisms, let σ : Σ → Σ0 and A0 ∈ |Mod(Σ0 )|; then, Mod(σ)(A0 ) is trivially well defined. If B 0 ∈ |Mod(Σ0 )| and F : A0 → B 0 is a homomorphism, we have to check that F is also a homomorphism from A0σ to Bσ0 : 0

0

• for each type constructor T ∈ TC Σ , and l1 , . . . , ln ∈ U Aσ = U A , we have 0 0 0 Ft (T Aσ (l1 , . . . , ln )) = Ft (σ(T )A (l1 , . . . , ln )) = σ(T )B (Ft (l1 ), . . . , Ft (ln )) = 0 T Bσ (Ft (l1 ), . . . , Ft (ln )). • the other conditions are proved in a similar manner (see also the proof of Proposition 13.2). Again, it is immediate to see that Mod preserves identities and composition, and so it is indeed a functor. As for the satisfaction condition, let σ : Σ → Σ0 be a signature morphism and A0 ∈ |Mod(Σ0 )|. The analogous of Proposition 13.1 also holds (and the proof would be the same): For every expression e ∈ Expr⊥ (Σ, X ) and valuation ξ = (η, µ) over 0 0 A0 , [[σ(e)]]A η = [[e]]Aσ η. Then, given a conditional rewrite rule ϕ, A0 |= σ(ϕ) ⇐⇒ A0σ |= ϕ is proved in exactly the same way as in Proposition 13.2. For an equational axiom s ≈ t, since a data valuation is safe for a term t if and only if it is safe for σ(t), we have A0

0

0

|= σ(s ≈ t) ⇐⇒

(

[[σ(s)]]A η ⊇ [[σ(t)]]A η 0 0 [[σ(t)]]A η ⊇ [[σ(s)]]A η

⇐⇒

(

[[s]]Aσ η ⊇ [[t]]Aσ η 0 0 [[t]]Aσ η ⊇ [[s]]Aσ η

0

0

(for all η safe for s) (for all η safe for t)

(for all η safe for s) (for all η safe for t)

⇐⇒ A0σ |= s ≈ t, and thus the satisfaction property is verified.

2

§16. Embedding CRWL in RL

63

It is interesting to note that the institution IACRWL can be restricted so that only well-typed signature morphisms and well-typed PT-algebras and homomorphisms are considered. To justify this assertion it is enough to notice that the composition of two well-typed signature morphisms is well-typed, and analogously for well-typed PT-homomorphisms. In addition, we must check that for all well-typed signature morphisms σ : Σ → Σ0 , Mod(σ) preserves well-typedness. Let then A0 be a welltyped PT-algebra: Is A0σ = Mod(σ)(A) well-typed? By structural induction it 0 0 is immediate to prove that [[τ ]]Aσ µ = [[σ(τ )]]A µ for any type τ over Σ and type valuation µ, hence it follows that 0

0

0

0

0

E Aσ ([[τ ]]Aσ µ) = {d ∈ D Aσ | d :Aσ [[τ ]]Aσ µ} 0 0 0 = {d ∈ D A | d :A [[σ(τ )]]A µ} 0 0 = E A ([[σ(τ )]]A µ). 0

0

Now, if h : (τ1 , . . . , τn ) → τ0 ∈ Σ, and di ∈ E Aσ ([[τi ]]Aσ µ), 1 ≤ i ≤ n, by the above equality and the well-typedness of σ and A0 , we have 0

0

hAσ (d1 , . . . , dn ) = σ(h)A (d1 , . . . , dn ) 0 0 ⊆ E A ([[σ(τ0 )]]A µ) 0 0 = E Aσ ([[τ0 ]]Aσ µ), which proves that A0σ is well-typed. For F a well-typed PT-homomorphism, since 0 0 0 0 E Aσ (l) = E A (l) for all l ∈ U Aσ = U A and F = Mod(σ)(F ), the result is straightforward.

§16.

Embedding CRWL in RL

We would like to relate the institutions ICRWL and IRL by means of a map of institutions (Φ, α, β) : ICRWL → IRL having nice properties, in such a way that it indicated that ICRWL could be considered as a subinstitution of IRL . The formal definition of subinstitution appeared originally in [19] and has been further generalized in subsequent articles. One of those extensions was introduced by Meseguer in [22], where it is called an embedding. The only requirement imposed on a map of institutions (Φ, α, β) : I → I 0 to be an embedding is that for each T ∈ ThI , the functor βT : Mod0 (Φ(T )) → Mod(T ) must be an equivalence of categories. The goal of this section is to show that it does not exist an embedding from ICRWL into IRL . For that it will be enough to find a categorical property which is preserved by an equivalence of categories and a theory T ∈ ThCRWL such that ModRL (Φ(T )), but not ModCRWL (T ), has the property. In this case it will be proved that for any RL-theory R the category R-Sys has equalizers, but a theory T will be shown in CRWL such that ModCRWL (T ) does not have them.

64


Let Σ be a signature with constructors such that CΣ = ∅ and FΣ = FΣ0 = {f1 , f2 }, Γ = {f2 → x ⇐ f1 ./ f1 } a CRWL-program over Σ, and consider the CRWL-theory T = (Σ, Γ). We define two CRWL-algebras over Σ: A given by • the set D A = {⊥, a1 , a2 } with partial order ⊥ v a1 v a2 ; • the cones f1A = ha1 i and f2A = h⊥i; and B with • D B = {⊥, b1 }; • the cones f1B = f2B = h⊥i. A, B ∈ ModCRWL (T ) trivially, because they do not satisfy the condition f1 ./ f1 . Let us now define two CRWL-homomorphisms F, G : A → B given by: F (x) = h⊥i

and

G(x) =

(

h⊥i if x = ⊥, a1 hb1 i if x = a2 .

Clearly, F and G preserve both f1 and f2 , so that they are actually homomorphisms. We will prove that there does not exist the equalizer of F and G. For let us suppose that E : E → A is such an equalizer and let H : A → A be a homomorphism given by H(x) =

(

h⊥i if x = ⊥ ha1 i if x = a1 , a2 .

Then, there must exist a (unique) homomorphism M : A → E such that E ◦ M = H. Let e1 ∈ E such that M (a1 ) = he1 i and E(e1 ) = ha1 i. As E and M loosely preserve defined functions, E(f2E ) ⊆ f2A = h⊥i so that e1 ∈ / f2E , and

he1 i = M (f1A ) ⊆ f1E .

Therefore, as E ∈ ModCRWL (T ), there must exist e2 ∈ E such that e1 < e2 : otherwise, E would not satisfy Γ. Besides, due to the monotonicity of E and the equality F ◦ E = G ◦ E, it is E(e2 ) = ha1 i. But then we have M1 , M2 : B → E given by M1 (x) =

(

h⊥i if x = ⊥ he1 i if x = b1

and

M2 (x) =

(

h⊥i if x = ⊥ he2 i if x = b1 ,


65

two different homomorphisms satisfying E ◦ M1 = E ◦ M2 , a contradiction with the universal property of equalizers. In contrast with what happens in CRWL, the following proposition shows a construction for equalizers in RL. 16.1 Proposition For all RL-theories R = (Σ, E, L, Γ), the category R-Sys has equalizers. Proof. Let S1 and S2 be two R-systems and let F, G : S1 → S2 be two RE homomorphisms between them; let us build their equalizer E −→ S1 . The objects in the category E are those s ∈ S1 such that F (s) = G(s); the arrows, those f : s → s0 in S1 such that F (f ) = G(f ) (which implies, in particular, that F and G also coincide over s and s0 ); composition is that of S1 . E is well defined because functors preserve identities and composition. Next, we assign a (Σ, E)-algebra structure to E. For each f ∈ Σn we define fE = fS1 |E . Let us check that this is a valid definition. If e1 , . . . , en ∈ |E| then F (fS1 (e1 , . . . , en )) = fS2 (F (e1 ), . . . , F (en )) = fS2 (G(e1 ), . . . , G(en )) = G(fS1 (e1 , . . . , en ))

(F is homomorphism) (ei ∈ |E|) (G is homomorphism)

and thus fS1 (e1 , . . . , en ) ∈ |E|. Analogously for arrows. With this definition it is easy to prove by structural induction that tE = tS1 |E n for all t(x1 , . . . , xn ) ∈ TΣ (X ). Therefore, for each t = t0 ∈ E it is tE = t0E . The only thing missing in the definition of E are the natural transformations associated to the rewrite rules. Let r : [t(x)] → [t0 (x)] if [a1 (x)] → [b1 (x)] ∧ . . . ∧ [am (x)] → [bm (x)] be a rule in R. We have to define a natural transformation rE : tE ◦ JE ⇒ t0E ◦ JE , where JE : Subeq((ajE , bjE )1≤j≤m ) → E n is the subequalizer functor. Using the construction of Section 4 and the fact that ajE = ajS1 |E n and bjE = bjS1 |E n , 1 ≤ j ≤ m, it follows that Subeq((ajE , bjE )1≤j≤m ) is a subcategory of Subeq((ajS1 , bjS1 )1≤j≤m ) and that JE is just the restriction of the corresponding JS1 . Then we can define rE by simply restricting rS1 , which is obviously a natural transformation, and this finishes our construction of E as an R-system.

66


Let us now move to the definition of E and the proof that it is an R-homomorphism. E is simply the inclusion functor. If f ∈ Σn and e1 , . . . , en ∈ |E|, then E(fE (e1 , . . . , en )) = fE (e1 , . . . , en ) = fE (E(e1 ), . . . , E(en )), so E is a Σ-algebra homomorphism. For a rewrite rule r : [t(x)] → [t0 (x)] if [a1 (x)] → [b1 (x)] ∧ . . . ∧ [am (x)] → [bm (x)] in Γ, is the natural transformation E ◦ rE equal to rS1 ◦ E • ? Let (en , um ) ∈ Subeq((ajE , bjE )1≤j≤m ). Regarding E • , we only need to know that E • (en , um ) = (E n (en ), E m (um )). Now, (E ◦ rE )(en , um ) = = = = = =

E(rE (en , um )) rE (en , um ) rS1 (en , um ) rS1 (E n (en ), E m (um )) rS1 (E • (en , um )) (rS1 ◦ E • )(en , um ),

so E is an R-homomorphism. We already know that E is an R-system and that E is an R-homomorphism; the one thing missing is the equalizer property. Let then H : C → S1 be an R-homomorphism such that F ◦ H = G ◦ H; we have to find a unique M : C → E such that E ◦ M = H. As E is the inclusion functor the uniqueness is clear, because the only possibility for all objects c and arrows u in C is M (c) = H(c) and M (u) = H(u). It remains to prove that this is a valid definition. First, because of the equality F ◦ H = G ◦ H the image of H is included in E and M is well-defined; as H is a functor, so is M . Given f ∈ Σn and c1 , . . . , cn ∈ |C|, we have M (fC (c1 , . . . , cn )) = H(fC (c1 , . . . , cn )) = fS1 (H(c1 ), . . . , H(cn )) = fE (M (c1 ), . . . , M (cn )), and M is a Σ-algebra homomorphism. Finally, if r : [t(x)] → [t0 (x)] if [a1 (x)] → [b1 (x)] ∧ . . . ∧ [am (x)] → [bm (x)] is a rewrite rule in Γ and (cn , um ) is an object of Subeq((ajC , bjC )1≤j≤m ), then rE (M • (cn , um )) = = = = =

rE (M n (cn ), M m (um )) rS1 (H n (cn ), H m (um )) rS1 (H • (cn , um )) H(rC (cn , um )) (H is homomorphism) M (rC (cn , um ))

and we have M ◦ rC = rE ◦ M • .

2

§17. Embedding RL in CRWL

67

Note that, in the above proof, the equalizer E is a model of all the rewrite rules that S1 satisfies. Therefore the result is still valid when the RL-theory R is replaced by the category ModRL (Γ) for some set Γ of rewrite rules in the institution IRL . As an immediate consequence we have the following 16.2 Corollary ICRWL is not embeddable in IRL . Proof. Let T be the CRWL-theory defined at the beginning of this section. It has been shown that ModCRWL (T ) doesn’t have all equalizers, whereas ModRL (Φ(T )) has, regardless of the actual definition of Φ. Therefore, there cannot exist an equivalence of categories βT : ModRL (Φ(T )) → ModCRWL (Φ). 2

§17.

Embedding RL in CRWL

In the previous section we have begun studying the relationship between CRWL and RL at the semantic level in a formal framework, namely, that of embedding of institutions. Of the two possible directions which can be explored we have just studied one. What about the other way around? Can we embed IRL in ICRWL ? When we began preparing this work our intuition was that we would be able to view CRWL as a “subpart” of RL in the first place, but also that the converse would not be true. The previous section has shown that our intuition was wrong about the first point and the purpose of this one is to deal with the second. In order to prove that RL cannot be embedded in CRWL we have to find, in the same way as we did in Section 16, an RL-theory T such that ModRL (T ) has a categorical property that no category of models in CRWL has. In what follows two such theories are shown. For the first one, note that for any CRWL-theory T there exists a CRWL-algebra A ∈ |ModCRWL (T )| with an infinite number of automorphisms. Simply consider A given by D A = {⊥, a, b1 , b2 , . . .} with ⊥ v a, ⊥ v b1 v b2 v . . ., the image of all functions associated to constructor symbols to be hai, and the corresponding one of defined functions symbols to be D A . This way A is clearly a CRWL-algebra, satisfies all conditional rewrite rules, and the set {Fi : A → A}i∈IN , where Fi (x) =

   h⊥i

if x = ⊥ hai if x = a   hbi i if x = bj (j ∈ IN)

is an infinite family of automorphisms of A. On the other hand, in RL, if R is the RL-theory given by ({c}, {x = c}, ∅, ∅) then, for all R-systems S, the equality

68

§18. The Maude Language

id S = cS , where cS is a constant functor, forces S to be a category with just one object and one arrow, and no infinite family of homomorphisms can exist. Therefore (as an equivalence of categories is full and faithful), ModRL (R) is not categorically equivalent to ModCRWL (Φ(R)), whatever Φ might be. For the second one note that, if R = (Σ, E, L, Γ) is an RL-theory and there are no constants in Σ, then ∅ is the initial R-system. In addition, for each other R-system S we have ∅ × S = ∅ (although we have not built products in RL, they follow the same structure as in Cat). In CRWL, however, the initial algebra I is never empty for any CRWL-theory (⊥ ∈ D I , see the construction in [14]) and, if we choose a CRWL-algebra A whose underlying poset has a greater cardinality than that of I (generalizing, if necessary, the construction in the previous paragraph), we will have that A × I is not even isomorphic to I. Since equivalences of categories should preserve both limits and colimits, we conclude the following 17.1 Proposition IRL is not embeddable in ICRWL . Proof. It follows from any of the two preceding paragraphs.

2

Admittedly, although these two counterexamples formally solve the problem, they are so particular that they cannot be considered to truly reflect the real differences between RL and CRWL. Future work should concentrate on finding a more illustrative example.

§18.

The Maude Language

Maude is a high-level language and high-performance system supporting both equational and rewriting computation. Functional modules take charge of the equational part, whereas system modules provide the full power of RL. There is also a third kind of module in Maude, object-oriented modules. However, these can be reduced to system modules by a “desugaring” process so, in essence, we only have functional and system modules. In what follows we review the basic notions that will be needed to understand the program in Section 19; for a more detailed exposition with plenty of examples see [9, 8].

18.1. Functional Modules Functional modules define data types and functions on them by means of equational theories whose equations are Church-Rosser and terminating. A mathematical model of the data and the functions is provided by the initial algebra defined by


69

the theory, whose elements consist of equivalence classes of ground terms modulo the equations. Evaluation of any expression to its reduced form using the equations as rewrite rules assigns to each equivalence class a unique canonical representative. The equational logic on which Maude is based is membership equational logic so, in addition to sorts, subsorts and overloading of functions, there are also (conditional) membership axioms. We illustrate all these points with the following example taken from [8]. Consider the following graph. n3

c

- n4

6

b n1

d a f

-

?

n2

e

- n5

The module PATH forms path over this graph. As not all random sequences of edges constitute a path, concatenation is defined, not at the level of paths but at a supersort Path? and then, a conditional membership axiom is used to separate the correct paths. fmod PATH is protecting MACHINE-INT . sorts Edge Path Path? Node . subsorts Edge < Path < Path? . ops n1 n2 n3 n4 n5 : -> Node [ctor] . ops a b c d e f : -> Edge [ctor] . op _;_ : Path? Path? -> Path? [ctor assoc] . ops source target : Path -> Node . op length : Path -> MachineInt . var E : Edge . var P : Path . cmb (E ; P) : Path if target(E) == source(P) . ceq source(E ceq target(E eq length(E) ceq length(E

; ; = ;

P) = source(E) if E ; P : Path . P) = target(P) if E ; P : Path . 1 . P) = 1 + length(P) if E ; P : Path .

eq source(a) = n1 . eq target(a) = n2 .

70


eq source(b) eq source(c) eq source(d) eq source(e) eq source(f) endfm

= = = = =

n1 n3 n4 n2 n2

. . . . .

eq eq eq eq eq

target(b) target(c) target(d) target(e) target(f)

= = = = =

n3 n4 n2 n5 n1

. . . . .

The keyword protecting is used to import the predefined module MACHINE-INT defining the integers, without changing the data belonging to the sorts in the initial algebra of the imported module. Notice that this is a semantic condition and it is the user who must take care of its fulfilment. There also exists in Maude another mechanism for importation, using including, which allows changing these data. Next come the declaration of sorts and subsorts; the sort Path? is used as a kind of error supersort so that the concatenation operation is a total function. This operator is declared using “infix” syntax, with the underbars indicating the places where the first and second argument should be placed. Some of the operations have associated equational attributes written between brackets. ctor plays simply a methodological role, pointing out which operations will be used to construct or generate the data. The attribute assoc states that _;_ is associative. The Maude engine then uses this information to rewrite modulo associativity. Others attribute available are comm and id:, for commutativity and specifying an identity element, respectively. Finally, membership axioms and equations are introduced by the keywords mb and eq, respectively, prefixed by a c were they conditional. The condition if E ; P : Path appearing in some of the equations is not really necessary, but it has been included to illustrate the use of conditional equations. We can then use the command reduce (abbreviated red) to find the canonical form of some expressions. Notice the error result obtained when applying the operation source to a term not representing a correct path. Maude> red (b ; c ; d) . result Path: (b ; c ; d) Maude> red length(b ; c ; d) . result MachineInt: 3 Maude> red source(a ; b ; c) . result Error(Node): source(a ; b ; c)

Besides MACHINE-INT there are other predefined modules in Maude which we will use later. Among them are BOOL, defining a sort Bool and the usual Boolean operations, and QID, where a sort Qid for quoted identifiers is declared.


71

18.2. System Modules In functional modules, due to the confluence and terminating properties of the equations when interpreted as rewrite rules, the rewriting of a term always finishes, and this process can only lead to one value. However, for many interesting theories, not only have we infinite chains of rewritings but also not confluent paths. System modules in Maude generalize functional modules and correspond to RLtheories: they specify the initial model of a rewrite theory. From a system perspective this model describes all the concurrent behaviours that the system so axiomatized can exhibit. As an example of a system module, the following module SORTING for sorting vectors of integers is introduced, taken from [8]. mod SORTING is protecting MACHINE-INT . sorts Pair PairSet . subsort Pair < PairSet . op : MachineInt MachineInt -> Pair [ctor] . op empty : -> PairSet [ctor] . op __ : PairSet PairSet -> PairSet [ctor assoc comm id: empty] . vars I J X Y : MachineInt . crl [sort] : < J ; X > < I ; Y > => < J ; Y > < I ; X > if (J < I) and (X > Y) . endm

Using the rewrite (abbreviated rew) command, we can use Maude’s default interpreter for executing expressions in system modules. Maude> rew < 1 ; 3 > < 2 ; 2 > < 3 ; 1 > . result PairSet: < 1 ; 1 > < 2 ; 2 > < 3 ; 3 >

This way, we have no control at all over the application of the rules in the system module. Although not a problem in this example, in many other cases the rewriting inference process could go in many undesired directions, so we would like to have good ways of controlling it by means of adequate strategies. Even in this case, we could use strategies to specify different sorting algorithms. In Maude, thanks to its reflective capabilities, strategies can be made internal to the system. The starting point for defining strategies is the module META-LEVEL with which we deal in the following section. A strategy specifying a depth-first search over a tree is presented in Section 19.

72


18.3. The META-LEVEL module In Section 12 we commented that RL is reflective. In Maude, key functionality of the universal theory has been efficiently implemented in the functional module META-LEVEL. Furthermore, several other useful functions are also built-in for efficiency reasons. Some of the most important features supplied by the module META-LEVEL, and which we review in the next sections following [9], are: • Maude terms are reified as elements of a data type Term of terms; • Maude modules are reified as terms in a data type Module of modules; • the processes of reducing a term to normal form in a functional module and of finding whether such a normal form has a given sort are reified by a function meta-reduce; • the process of applying a rule of a system module to a subject term is reified by a function meta-apply; • the process of rewriting a term in a system module using Maude’s default interpreter is reified by a function meta-rewrite. For more details see [9, 8].

18.3.1 Representing terms Terms are reified as elements of the data type Term of terms, by means of the following operations: subsort Qid < Term . subsort Term < TermList . op {_}_ : Qid Qid -> Term [ctor] . op _[_] : Qid TermList -> Term [ctor] . op _,_ : TermList TermList -> TermList [ctor assoc] . op _:_ : Term Qid -> Term [ctor] . op error* : -> Term .

The first declaration, making Qid a subsort of Term, is used to represent variables by the corresponding quoted identifiers. Thus, the variable N is represented by ’N. The operation {_}_ is used for representing constants as pairs, with the first argument the constant in quoted form, and the second argument the sort of the constant,


73

also in quoted form. For example, the constant n1 of sort Node in the module PATH in Section 18.1 is represented as {’n1}’Node. The operation _[_] corresponds to the recursive construction of terms out of subterms, with the first argument the top operation in quoted form, and the second argument the list of its subterms, where list concatenation is denoted _,_. For example, the term source(c ; d) of sort Node in module PATH is metarepresented as the following term (also denoted mathematically source(c ; d)) of sort Term in module META-LEVEL: ’source[’_;_[{’c}’Edge, {’d}’Edge]]

Note that, since terms in the module META-LEVEL can be metarepresented just as terms in any other module, the representation of terms can be iterated. Membership predicates t : s are meta-represented by means of the binary constructor _:_ with the first argument the representation of the term, and the second the representation of the sort as a quoted identifier. The last declaration above for the data type of terms is a constant error* to be used as an error element.

18.3.2 Representing modules Functional and system modules are metarepresented in a syntax very similar to their original user syntax. The main differences are that: (1) terms in equations, membership axioms, and rules are now metarepresented as we have already explained; (2) in the metarepresentation of modules we follow a fixed order in introducing the different kinds of declarations for sorts, subsorts, variables, equations, etc., whereas in the user syntax there is considerable flexibility for introducing such different declarations in an interleaved and piecemeal way; and (3) sets of identifiers—used in declarations of sorts—are represented as sets of quoted identifiers built with an associative and commutative operation _;_. The module META-LEVEL provides sorts and constructors for each of the declarations that can appear in modules. For example, we have sorts OpDecl and OpDeclSet to represent declarations of operations and sets of declarations of operations, respectively. If there are no operation declarations in a particular module, then this argument will be none. Otherwise, the set is given by the associative and commutative constructor __, which is declared with identity element none. Each of the operation declarations is then given by a term of sort OpDecl using the constructor op op_:_->_[_]. : Qid QidList Qid AttrSet -> OpDecl [ctor] .

74


The last argument of this constructor corresponds to the set of attributes of an operation. The META-LEVEL syntax for the top-level operations representing functional and system modules is as follows: op fmod_is_______endfm : Qid ImportList SortDecl SubsortDeclSet OpDeclSet VarDeclSet MembAxSet EquationSet -> Module [ctor] . op mod_is________endm : Qid ImportList SortDecl SubsortDeclSet OpDeclSet VarDeclSet MembAxSet EquationSet RuleSet -> Module [ctor] .

To illustrate the general syntax for representing modules, we use a module NAT for natural numbers with zero, successor, and commutative addition (this example is borrowed from [9]). We first give NAT’s ordinary Maude syntax: fmod NAT is sorts Zero Nat . subsort Zero < Nat . op 0 : -> Zero [ctor] . op s : Nat -> Nat [ctor] . op _+_ : Nat Nat -> Nat [comm] . vars N M : Nat . eq 0 + N = N . eq s(N) + M = s(N + M) . endfm

The representation NAT of NAT as a term of sort Module in META-LEVEL is fmod ’NAT is nil sorts ’Zero ; ’Nat . subsort ’Zero < ’Nat . op ’0 : nil -> ’Zero [ctor] . op ’s : ’Nat -> ’Nat [ctor] . op ’_+_ : ’Nat ’Nat -> ’Nat [comm] . var ’N : ’Nat . var ’M : ’Nat . none eq ’_+_[{’0}’Nat, ’N] = ’N . eq ’_+_[’s[’N], ’M] = ’s[’_+_[’N, ’M]] . endfm


75

Since NAT has no list of imported submodules and no membership axioms, those fields are filled by the constant nil of sort ImportList, and the constant none of sort MembAxSet, respectively. Similarly, none is the empty set of attributes for operations that have no attributes. Note that—just as in the case of terms—terms of sort Module can be metarepresented again, yielding then a term of sort Term, and this can be iterated an arbitrary number of times. 18.3.3 Descent functions The module META-LEVEL has three built-in operations for meta-evaluation, also called descent functions: meta-reduce, meta-rewrite and meta-apply. The operation meta-reduce has the following declaration, where we have omitted the lengthy list of bindings to C++ code in its declaration as a special built-in operation: op meta-reduce : Module Term -> Term [special (...) ] .

It takes as arguments the representations of a module and of a term t in that module, and returns the representation of the canonical form of the term t using the equations in the module, e.g, Maude> red meta-reduce(NAT,s(0) + 0) . result Term: s(0)

The operation meta-rewrite is declared as op meta-rewrite : Module Term MachineInt -> Term [special (...) ] .

It is entirely analogous to meta-reduce, but instead of using only the equational part of a module it now uses both the equations and the rules to rewrite the term using Maude’s default strategy. Its first two arguments are the representations of a module R and of a term t, and its third argument is a positive machine integer n. Its result is the representation of the term obtained from t after at most n applications of the rules in R using the strategy of Maude’s default interpreter. When the value 0 is given as the third argument, no bound is given to the number of rewrites, and rewriting proceeds to the bitter end. The operation meta-apply is declared as

§19. A Maude Interpreter for CRWL

76

op meta-apply : Module Term Qid Substitution MachineInt -> ResultPair [special (...) ] .

The first four arguments are representations in META-LEVEL of a module R, a term t in R, a label l of some rules3 in R, and a set of assignments (possibly empty) defining a partial substitution σ for the variables in those rules. The last argument is a natural number n. meta-apply then returns a pair, of sort ResultPair, consisting of a term and a substitution. The operation meta-apply is evaluated as follows: 1. the term t is first fully reduced using the equations in R; 2. the resulting term is matched (at the top, with extension) against all rules with label l partially instantiated with σ, with matches that fail to satisfy the condition of their rule discarded; 3. the first n successful matches are discarded; if there is an (n + 1)th match, its rule is applied using that match and the steps 4 and 5 below are taken; otherwise the pair {error*, none} is returned, where none denotes the identity substitution; 4. the term resulting from applying the given rule with the (n + 1)th match is fully reduced using the equations in R; 5. the pair formed using the constructor {_,_} whose first element is the representation of the resulting fully reduced term and whose second element is the representation of the match used in the reduction is returned.

§19.

A Maude Interpreter for CRWL

The goal of this section is to write a Maude program to interpret CRWL. In Section 7 a translation from CRWL to RL was given and proved to be correct; however, we will not use it here. In the first place, that translation makes use of rules which include rewriting in the conditional part, and this is a feature not currently supported in Maude. In addition, the calculus BRC simulated there is a logical calculus, useful for proving statements and for theoretical reasoning, but unsuitable for solving goals. Instead, here we will employ the Constructor-based Lazy Narrowing Calculus (CLNC) which is used in [14] to define the operational semantics of CRWL, and that we briefly present now. 3

A user can declare several rules with the same label; then meta-apply will try to apply some rule with that label.


77

19.1. The CLNC-calculus Let Γ be a CRWL-program over a signature Σ. An admissible goal for Γ has the form G ≡ ∃u. S 2 P 2 E, where: • evar(G) ≡ u is the set of so-called existential variables of the goal G. • S ≡ x1 = s1 , . . . , xn = sn , with xi ∈ X , si ∈ Term(Σ, X ), is a set of equations, called solved part. • P ≡ e1 → t1 , . . . , ek → tk is a multiset of approximation statements, with ti total, called produced part. pvar(P ) = var(t1 ) ∪ . . . ∪ var(t1 ) is the set of produced variables of the goal G. • E ≡ a1 ./ b1 , . . . , am ./ bm is a multiset of joinability statments, and dvar(E) = {x ∈ X | x ≡ ai or x ≡ bi , for some 1 ≤ i ≤ m} is called the set of demanded variables of the goal G. Besides, admissible goals must satisfy a number of technical conditions, the details of which will not concern us here and can be found in [14]. It is assumed, by convention, that in an initial goal G only the joinability part is non-empty. If G ≡ ∃u. S 2 P 2 E is an admissible goal and θ is a substitution mapping variables to partial terms, θ is a solution for G if, roughly, xi θ = si θ for all xi = si ∈ S and the statements in (P 2 E)θ are provable. Again, some technical details are missing. With all these definitions, the following result is proved in [14]. 19.1 Theorem Let Γ be a program, G an initial goal, θ a substitution mapping variables to partial terms. Then the following statements are equivalent: (a) θ is a solution for G. (b) Γ `CRWL Gθ. (c) (A, η) |= Gθ, for all A |= Γ and η a totally defined valuation.

2

Finally, the calculus CLNC for solving goals is presented. It consists of a set of transformation rules, each of which has the form G `` G0 , specifying one of the possible ways of performing one step of goal solving. Derivations are sequences of ``-steps. Joinability statements are considered to be symmetric for the purposes of the calculus. The notation svar(e) in some of the rules stands for the set of all safe variables occurring in e at some position whose ancestor positions are all occupied by

78


constructors. We also use c ∈ CΣ , f ∈ FΣ and {e/x} for the substitution mapping the variable x to e. The rules of the calculus can be divided into three big groups. First of all, the rules for ./: DC1 Decomposition: ∃u. S 2 P 2 c(a) ./ c(b), E `` ∃u. S 2 P 2 . . . , ai ./ bi , . . . , E. ID Identity: ∃u. S 2 P 2 x ./ x, E `` ∃u. S 2 P 2 E if x ∈ / pvar(P ). BD Binding: ∃u. S 2 P 2 x ./ s, E `` ∃u. x = s, (S 2 P 2 E)σ if s ∈ Term(Σ, X ), var(s) ∩ pvar(P ) = ∅, x ∈ / var(s), x ∈ / pvar(P ), where σ = {s/x}. IM Imitation: ∃u. S 2 P 2 x ./ c(e), E `` ∃y, u. x = c(y), (S 2 P 2 . . . , yi ./ ei , . . . , E)σ if c(e) ∈ / Term(Σ, X ) or var(c(e)) ∩ pvar(P ) 6= ∅, and x ∈ / pvar(P ), x ∈ / svar(c(e)), where σ = {c(y)/x}, y are new variables. NR1 Narrowing: ∃u. S 2 P 2 f (e) ./ a, E `` ∃y, u. S 2 . . . , ei → ti , . . . , P 2 C, r ./ a, E where R : f (t) → r ⇐ C is a variant of a rule in Γ, with y = var(R) new variables. The rules associated to →: DC2 Decomposition: ∃u. S 2 c(e) → c(t), P 2 E `` ∃u. S 2 . . . , ei → ti , . . . , P 2 E. OB Output Binding: OB1 ∃u. S 2 x → t, P 2 E `` ∃u. x = t, (S 2 P 2 E)σ if t ∈ / X, x ∈ / pvar(P ), where σ = {t/x}. OB2 ∃x, u. S 2 x → t, P 2 E `` ∃u. S 2(P 2 E)σ if t ∈ / X , x ∈ pvar(P ), where σ = {t/x}. IB Input Binding: ∃x, u. S 2 t → x, P 2 E `` ∃u. S 2(P 2 E)σ if t ∈ Term(Σ, X ), where σ = {t/x}.


79

IIM Input Imitation: ∃x, u. S 2 c(e) → x, P 2 E `` ∃y, u. S 2(. . . , ei → yi , . . . , P 2 E)σ if c(e) ∈ / Term(Σ, X ), x ∈ dvar(E), where σ = {c(y)/x}, y new variables. EL Elimination: ∃x, u. S 2 e → x, P 2 E `` ∃u. S 2 P 2 E if x ∈ / var(P 2 E). NR2 Narrowing: ∃u. S 2 f (e) → t, P 2 E `` ∃y, u. S 2 . . . , ei → ti , . . . , r → t, P 2 C, E if t ∈ / X or t ∈ dvar(E), where R : f (t) → r ⇐ C is a variant of a rule in Γ, with y = var(R) new variables. Finally, the failure rules: CF1 Conflict: ∃u. S 2 P 2 c(a) ./ d(b), E `` FAIL if c 6≡ d. CY Cycle: ∃u. S 2 P 2 x ./ a, E `` FAIL if x 6≡ a, x ∈ svar(a). CF2 Conflict: ∃u. S 2 c(a) → d(t), P 2 E `` FAIL if c 6≡ d. Goals of the form FAIL or ∃u. S 2 2 are ``-irreducible and are called solved goals. Associated to the goal ∃u. S 2 2 there is a substitution σS = {t1 /x1 , . . . , tn /xn }, which is a solution of it. Taking these solutions as the answers provided by the calculus, it turns out that CLNC is sound and complete.

19.2. Simulating CLNC Taking advantage of the good properties of rewriting logic (and therefore, of Maude), given a CRWL-theory T = (Σ, Γ), it is relatively straightforward to translate the CLNC-rules into a system module in Maude in which to solve admissible goals about T . This translation has got some drawbacks, however, and we will be forced to adopt a different point of view to make things work in a satisfactory manner. 19.2.1 Working at the object level We will present the main ideas behind this translation by means of an example, that of the well-known theory of the natural numbers with addition and multiplication.

80


The symbols in the signature Σ will be those of CΣ0 = {zero}, CΣ1 = {s} and FΣ2 = {+, ∗}, while the rewrite rules in Γ will be (in infix form) e1 + zero → e1 e1 + s(e2 ) → s(e1 + e2 )

e1 ∗ zero → zero e1 ∗ s(e2 ) → (e1 ∗ e2 ) + e1 .

Our first task will be to represent CRWL variables in Maude. Simply trying to use Maude’s own variables will not work, as we will need to treat them as objects which can be manipulated and, in particular, some of the rules will force us to create fresh variables. In a similar way as it is done in [9] we can then declare mod NAT-CRWL is protecting MACHINE-INT . sorts Var VarSet . subsort Var < VarSet . op op op op op op op

v : MachineInt -> Var [ctor] . empty-var : -> VarSet [ctor]. _U_ : VarSet VarSet -> VarSet [ctor assoc comm id: empty-var] . intersection : VarSet VarSet -> VarSet . _in_ : Var VarSet -> Bool . new : VarSet -> Var . maxIndex : VarSet -> MachineInt .

Variables are then represented as terms of the form v(n), n being an integer. Next we extend the module so as to represent elements in Term(Σ, X ) and Expr(Σ, X ) too. Since it is important to distinguish whether an expression is also a term, a subsort declaration is used. sorts Term Expr . subsort Var < Term < Expr . op zero : -> Term [ctor] . op s : Expr -> Expr [ctor] . op s : Term -> Term [ctor] . ops + * : Expr Expr -> Expr [ctor] .

Note that constructor symbols are overloaded, so that they will produce terms when applied to terms. As Term < Expr, this is not necessary when the arity is 0. + and * have a ctor attribute despite being function symbols because they are used to construct the expressions. The sorts and operations for goals are introduced in a similar way.


81

sorts Equation SolvedPart ApproxStatement ProducedPart JoinStatement JoinPart Goal . op goal : VarSet SolvedPart ProducedPart JoinPart -> Goal [ctor] . op FAIL : -> Goal [ctor] . subsort Equation < SolvedPart . op eq : Var Term -> Equation [ctor] . op empty-eq : -> SolvedPart [ctor] . op __ : SolvedPart SolvedPart -> SolvedPart [ctor assoc comm id: empty-eq] . var EQ : Equation . eq EQ EQ = EQ . *** the solved part is a set subsort ApproxStatement < ProducedPart . op approx : Expr Term -> ApproxStatement [ctor] . op empty-approx : -> ProducedPart [ctor] . op __ : ProducedPart ProducedPart -> ProducedPart [ctor assoc comm id: empty-approx] . subsort JoinStatement < JoinPart . op join : Expr Expr -> JoinStatement [ctor comm] . op empty-join : -> JoinPart [ctor] . op __ : JoinPart JoinPart -> JoinPart [ctor assoc comm id: empty-join] .

Notice the attribute comm associated to the operation join. The syntax used reflects faithfully that of CLNC, but for one important detail. Goals in CLNC are prefixed by a set u of existential variables; however, these variables play no role at all in the application of the rules, so they can be omitted. The first argument associated to the operation goal, then, is not used to represent this set, but the set of variables that have been employed up to a certain moment in the derivation process. (In fact, what is really needed are the current variables in the goal, but keeping this set up to date would be too expensive.) Its purpose is to feed the new function to create fresh variables. (Another possibility would be to remove this argument and to define an operation to find the variables in a goal.) Then, for example, the goal ∃y. x = zero 2 zero + s(zero) → y 2 s(s(zero)) ./ z, zero ./ zero ∗ zero is represented as follows, goal(v(0) U v(1) U v(2), eq(v(0),s(zero)), approx(+(zero,s(zero),v(1)), join(s(s(zero)),v(2)) join(zero,*(zero,zero)))


82

where the first argument must satisfy the condition that it contains all variables appearing in the goal. Before proceeding to translate the rules of the calculus into Maude it will be necessary to define some auxiliary operations entrusted with calculating variables in expressions and performing substitutions. For example, the following declarations and equations are used for extracting the safe variables in an expression: var V : Var . var E E’ : Expr . op eq eq eq eq eq

safeVar : Expr -> VarSet . safeVar(V) = V . safeVar(zero) = empty-var . safeVar(s(E)) = safeVar(E) . safeVar(+(E,E’)) = empty-var . safeVar(*(E,E’)) = empty-var .

The rest of the operations needed are op variables : Expr -> VarSet . op variables : ProducedPart -> VarSet . op variables : JoinPart -> VarSet . op producedVar : ProducedPart -> VarSet . op demandVar : JoinPart -> VarSet . op op op op

subst subst subst subst

: : : :

Expr Var Term -> Expr . SolvedPart Var Term -> SolvedPart . ProducedPart Var Term -> ProducedPart . JoinPart Var Term -> JoinPart .

Now we are ready to finish the translation. Some of the CLNC-rules are independent of the theory and, with all the machinery developed by now, easily encoded. It is the case of ID and BD, for example. var var var var

UVars : VarSet . T : Term . SP : SolvedPart . JP : JoinPart .

vars E1 E2 : Expr . var PP : ProducedPart .

crl [ID] : goal(UVars,SP,PP,join(V,V) JP) => goal(UVars,SP,PP,JP)


83

if not (V in producedVar(PP)) . crl [BD] : goal(UVars,SP,PP,join(V,T) JP) => goal(UVars,eq(V,T) subst(SP,V,T),subst(PP,V,T),subst(JP,V,T)) if intersection(variables(T),producedVar(PP)) == empty-var and not V in (variables(T) U producedVar(PP)) .

Others are theory dependent (either on the signature or on the program rules) and may have to be translated by a number of rewrite rules. For example: rl [NR1] : goal(UVars,SP,PP,join(+(E1,E2),E) JP) => goal(new(UVars) U UVars,SP, approx(E1,new(UVars)) approx(E2,zero) PP, join(new(UVars),E) JP) . rl [NR1] : goal(UVars,SP,PP,join(+(E1,E2),E) JP) => goal(new(new(UVars) U UVars) U UVars,SP, approx(E1,new(UVars)) approx(E2,s(new(new(UVars) U UVars))) PP, join(s(+(new(UVars),new(new(UVars) U UVars))),E) JP) . rl [NR1] : goal(UVars,SP,PP,join(*(E1,E2),E) JP) => goal(new(UVars) U UVars,SP, approx(E1,new(UVars)) approx(E2,zero) PP, join(zero,E) JP) . rl [NR1] : goal(UVars,SP,PP,join(*(E1,E2),E) JP) => goal(new(new(UVars) U UVars) U UVars,SP, approx(E1,new(UVars)) approx(E2,s(new(new(UVars) U UVars))) PP, join(+(*(new(UVars),new(new(UVars) U UVars)), new(UVars)),E) JP) . rl [DC2] : goal(UVars,SP,approx(zero,zero) PP,JP) => goal(UVars,SP,PP,JP) . rl [DC2] : goal(UVars,SP,approx(s(E),s(T)) PP,JP) => goal(UVars,SP,approx(E,T) PP,JP) . crl [IIM] : goal(UVars,SP,approx(s(E),V) PP,JP) => goal(new(UVars) U UVars,SP, subst(approx(E,new(UVars)) PP,V,s(new(UVars))), subst(JP,V,s(new(UVars)))) if not (s(E) : Term) and (V in demandVar(JP)) . rl [CF2] : goal(UVars,SP,approx(zero,s(E)) PP,JP) => FAIL . rl [CF2] : goal(UVars,SP,approx(s(E),zero) PP,JP) => FAIL .

And so we are done; the complete program can be found in Appendix A.

84


It is worth noting how easily and faithfully we have been able to simulate CLNC in the rewriting logic framework, a fact supporting the claims made in [18]. Now we can ask Maude to solve goals for us and be confident that it will find a solution, can’t we? Let us try with a simple one. Maude> rew goal(v(0), empty-eq, empty-approx, join(*(s(zero),v(0)), zero)) . result Goal: goal(v(0) U v(1), eq(v(0), zero), empty-approx, empty-join)

The resulting goal is in solved form and its solved part gives indeed the correct solution; the extra variable v(1) which appears in the first argument is created by the application of the third rule associated to NR1. So everything seems to work properly. However, let us simply interchange the positions of the factors in the goal. Maude> rew goal(v(0), empty-eq, empty-approx, join(*(v(0),s(zero)),zero)) . result Goal: FAIL

What has happened? Well, the calculus happens to be nondeterministic and, although mainly of a don’t care nature, this is not the case for the rules NR1 and NR2. So, when Maude faces this goal it applies the third of the rules corresponding to NR1, getting a new goal in which the (representation of the) approximation statement s(zero) → zero appears and then, by the rule CF2, we are led to the FAIL goal. As Maude does not have a built-in backtracking strategy, the rewriting process is stopped and no solution is found. Another problem with this approach is that it is too particular: for every CRWLtheory we have to build a whole new module. In addition, we would like to supply just the symbols and the program rules and leave the hard work of building the module to Maude. 19.2.2 Working at the metalevel All the remarks pointed out at the end of the previous section lead us to adopt a different perspective. Instead of writing for each CRWL-theory a system module that simulates its operational semantics, we are going to write a unique functional module which, given a signature and a program, returns the metarepresentation of such a system module. This way the difficulties previously mentioned are overcome: the module now works for every CRWL-theory and, as we get a module metarepresented, we can apply to it the strategy of our choice in order to explore the derivation tree generated by the rewriting relation.


85

The only information our module will need to be given is the list of constructors, the list of function symbols and the list of program rules. Constructor and function symbols are given by pairs consisting of a Qid for the symbol and a MachineInt for its arity. For rules, the metarepresentation (using Maude syntax) of every expression appearing in it is required. fmod MAP-PHI protecting protecting protecting

is META-LEVEL . MACHINE-INT . BOOL .

sorts Constructor ConstructorL Function FunctionL RuleCRWL RuleCRWLL CRWLTheory PairTerm PairTermL . op cSymbol : Qid MachineInt -> Constructor [ctor]. op nilC : -> ConstructorL [ctor] . op consC : Constructor ConstructorL -> ConstructorL [ctor] . op fSymbol : Qid MachineInt -> Function [ctor] . op nilF : -> FunctionL [ctor] . op consF : Function FunctionL -> FunctionL [ctor] . op op op op op op

: Term Term -> PairTermL [ctor] . nilPT : -> PairTermL [ctor] . consPT : PairTerm PairTermL -> PairTermL [ctor] . _->_ RuleCRWL [ctor] . nilR : -> RuleCRWLL [ctor] . consR : RuleCRWL RuleCRWLL -> RuleCRWLL [ctor] .

op crwlth : ConstructorL FunctionL RuleCRWLL -> CRWLTheory [ctor] .

Recalling the natural numbers theory of Section 19.2.1 and removing, for the sake of simplicity, the two program rules defining multiplication, we would have the following term representing it: crwlth(consC(cSymbol(’zero, 0), consC(cSymbol(’s, 1), nilC)), consF(fSymbol(’+,2), consF(fSymbol(’*, 2), nilF)), consR(’+[’v[{’0}’MachineInt], {’zero}’Term] -> ’v[{’0}’MachineInt] ’s[’+[’v[{’0}’MachineInt],’v[{’1}’MachineInt]]] Module . var var var var var var

CL : ConstructorL . RL : RuleCRWLL . ODS : OpDeclSet . ES : EquationSet . Q Q0 : Qid . T1 T2 : Term .

var FL : FunctionL . var VDS : VarDeclSet . var M N N0 : MachineInt . var TL1 TL2 : TermList .

eq phi(crwlth(CL,FL,RL)) = (mod ’CRWLTHEORY is including ’MACHINE-INT . including ’BOOL . sortCRWL subsortCRWL addC(CL,addF(FL,opCRWL)) addVar(max(maxC(CL),maxF(FL)),varCRWL) none addEqC(CL,addEqF(FL,eqCRWL)) (ruleCRWL ruleDC1(CL) ruleIM(CL) ruleNR1(RL) ruleDC2(CL) ruleIIM(CL) ruleNR2(RL) ruleCF1(CL) ruleCF2(CL)) endm) .

Sort and subsort declarations are independent of the theory and we can use two constants to include all of them. op sortCRWL : -> SortDecl . op subsortCRWL : -> SubsortDeclSet . eq sortCRWL = (sorts ’Var ; ’VarSet ; ’Term ; ’Expr ; ’Equation ; ’SolvedPart ; ’ApproxStatement ; ’ProducedPart ; ’JoinStatement ; ’JoinPart ; ’Goal .) .


eq subsortCRWL (subsort (subsort (subsort

87

= (subsort ’Var < ’VarSet .)(subsort ’Var < ’Term .) ’Term < ’Expr .) (subsort ’Equation < ’SolvedPart .) ’ApproxStatement < ’ProducedPart .) ’JoinStatement < ’JoinPart .) .

Recalling the system module NAT-CRWL associated to the natural numbers in Section 19.2.1 (which will be convenient to bear in mind from now on), it can be observed that these constants are simply assigned the metarepresentation of the declarations present there. In all the other cases we will have to distinguish a common part and a theory dependent part. For operations, the common part is formed by the auxiliary functions for substitutions, those dealing with variables, and the ones used to represent goals. All of these are grouped together in a constant. op opCRWL : -> OpDeclSet . eq opCRWL = (op ’v : ’MachineInt -> ’Var [ctor] .) (op ’empty-var : nil -> ’VarSet [ctor] .) (op ’_U_ : ’VarSet ’VarSet -> ’VarSet [ctor assoc comm id({’empty-var}’VarSet)] .) (op ’intersection : ’VarSet ’VarSet -> ’VarSet [none] .) (op ’_in_ : ’Var ’VarSet -> ’Bool [none] .) (op ’new : ’VarSet -> ’Var [none] .) (op ’maxIndex : ’VarSet -> ’MachineInt [none] .) (op ’goal : ’VarSet ’SolvedPart ’ProducedPart ’JoinPart -> ’Goal [ctor] .) (op ’FAIL : nil -> ’Goal [ctor] .) (op ’eq : ’Var ’Term -> ’Equation [ctor] .) (op ’empty-eq : nil -> ’SolvedPart [ctor] .) (op ’__ : ’SolvedPart ’SolvedPart -> ’SolvedPart [ctor assoc comm id({’empty-eq}’SolvedPart)] .) (op ’variables : ’Expr -> ’VarSet [none] .) ...

Besides, we also have to include all the symbols of the corresponding signature. For that we will use an auxiliary function which, given a quoted identifier and a number n, generates a list with n occurrences of the identifier. op repeatL : Qid MachineInt -> QidList . eq repeatL(Q, N) = if N > 0 then Q repeatL(Q, _-_(N, 1)) else nil fi .

88


(The strange looking prefix notation _-_(N, 1) is used because the term N-1 in infix notation becomes ambiguous at the metalevel and cannot be parsed correctly.) Then, addC and addF will add the corresponding declarations for constructor and function symbols, respectively. Recall that constructor symbols were overloaded. op addC : ConstructorL OpDeclSet -> OpDeclSet . op addF : FunctionL OpDeclSet -> OpDeclSet . eq addC(nilC, ODS) = ODS . eq addC(consC(cSymbol(Q,N),CL),ODS) = addC(CL,op Q : repeatL(’Expr,N) -> ’Expr [ctor] . op Q : repeatL(’Term,N) -> ’Term [ctor] . ODS) . eq addF(nilF,ODS) = ODS . eq addF(consF(fSymbol(Q,N),FL),ODS) = addF(FL,op Q : repeatL(’Expr,N) -> ’Expr [ctor] . ODS) .

Similarly for variables. There are a few ones which are shared by all metarepresented modules (mainly those taking part in the equations associated to auxiliary operations) and can be assigned to a constant. op varCRWL : -> VarDeclSet . eq varCRWL (var (var (var (var (var (var (var

= (var ’N : ’MachineInt .) (var ’V : ’Var .) ’V0 : ’Var .) (var ’UVars : ’VarSet .) ’VS : ’VarSet .) (var ’VS0 : ’VarSet .) ’EQ : ’Equation .) (var ’SP : ’SolvedPart .) ’PP : ’ProducedPart .) ’JP : ’JoinPart .) ’E : ’Expr .) (var ’E0 : ’Expr .) ’T : ’Term .) (var ’T0 : ’Term .) .

But even for auxiliary operations we will sometimes need more variables, in a number which may vary from one module to another. For example, given a signature with a function symbol f of arity 4, one of the equationss associated to variables (which returns the variables appearing in an expression) would be eq variables(f(E1, E2, E3, E4)) = variables(E1) U variables(E2) U variables(E3) U variables(E4) .

In general, we will need as many variables of sort Expr as the maximum arity of a symbol in the signature, and the same number of variables of sort Term. For that, two functions maxC and maxF calculating the maximum arity among constructor and


89

function symbols, respectively, are defined. The operation index, appearing in the definition of addVar, is declared in the module QID and, given a quoted identifier and an integer, appends the number to the identifier. op op op op

max : MachineInt MachineInt -> MachineInt . maxC : ConstructorL -> MachineInt . maxF : FunctionL -> MachineInt . addVar : MachineInt VarDeclSet -> VarDeclSet .

eq eq eq eq eq eq

max(M,N) = if M > N then M else N fi . maxC(nilC) = 0 . maxC(consC(cSymbol(Q,N),CL)) = max(N,maxC(CL)) . maxF(nilF) = 0 . maxF(consF(fSymbol(Q,N),FL)) = max(N,maxF(FL)) . addVar(N,VDS) = if N > 0 then addVar(_-_(N,1), (var index(’A,N) : ’Expr (var index(’B,N) : ’Expr (var index(’E,N) : ’Expr (var index(’T,N) : ’Term else VDS fi .

.) .) .) .) VDS)

The additional variables Ai, Bi, will be only used in the metarepresentation of the rules DC1 and CF1. The following argument in the metarepresentation of the module is the one dealing with memberships; in our case its value is simply none. Next we come to equations. As usual, we introduce a constant for the common ones. op eqCRWL : -> EquationSet . eq eqCRWL = (eq ’_U_[’V,’V] = ’V .) (eq ’_in_[’V,{’empty-var}’VarSet] = {’false}’Bool .) (eq ’_in_[’V,’_U_[’V0,’VS]] = ’_or_[’_==_[’V,’V0], ’_in_[’V,’VS]] .) (eq ’maxIndex[{’empty-var}’VarSet] = {’0}’MachineInt .) (eq ’maxIndex[’_U_[’v[’N],’VS]] = ’if_then_else_fi[’_>_[’N,’maxIndex[’VS]],’N, ’maxIndex[’VS]] .) (eq ’new[’VS] = ’v[’_+_[’maxIndex[’VS],{’1}’MachineInt]] .) (eq ’intersection[’VS,{’empty-var}’VarSet] = {’empty-var}’VarSet .) (eq ’intersection[’VS,’_U_[’V,’VS0]] = ’if_then_else_fi[’_in_[’V,’VS],

90


(eq (eq (eq (eq

’_U_[’V,’intersection[’VS,’VS0]], ’intersection[’VS,’VS0]] .) ’__[’EQ,’EQ] = ’EQ .) ’variables[’V] = ’V .) ’variables[{’empty-approx}’ProducedPart] = {’empty-var}’VarSet .) ’variables[’__[’approx[’E,’E0],’PP]] = ’_U_[’variables[’E],’variables[’E0],’variables[’PP]] .)

...

And now we have to add those equations associated to variables, safeVar and subst that depend on the signature. Three auxiliary functions will be used here, all of them generating the metarepresentation of the list of arguments of an operation. op genArgs : Qid MachineInt -> TermList . op auxEq1 : Qid MachineInt -> TermList . op auxEq2 : MachineInt -> TermList . eq genArgs(Q,N) = if N > 1 then genArgs(Q,_-_(N,1)), index(Q,N) else index(Q,1) fi . eq auxEq1(Q,N) = if N > 0 then auxEq1(Q,_-_(N,1)), Q[index(’E,N)] else {’empty-var}’VarSet fi . eq auxEq2(N) = if N > 1 then auxEq2(_-_(N, 1)), ’subst[index(’E,N),’V,’T] else ’subst[’E1,’V,’T] fi .

The easiest way to understand how they work is by means of an example. Let us recall, then, the equation variables(f(E1, E2, E3, E4)) = variables(E1) U variables(E2) U variables(E3) U variables(E4) displayed some lines above. Its metarepresentation could be obtained, using these functions, in the following way: eq ’variables[’f[genArgs(’E,4)]] = ’_U_[auxEq1(’variables,4)] .

The working of auxEq2 is similar. Notice that a single occurrence of the operation _U_ is needed in the metarepresentation because assoc is one of its equational attributes. With their help it is easy to define the functions in charge of completing the metarepresentation of the set of equations. op addEqC : ConstructorL EquationSet -> EquationSet . op addEqF : FunctionL EquationSet -> EquationSet .


91

eq addEqC(nilC,ES) = ES . eq addEqC(consC(cSymbol(Q,N),CL),ES) = if N == 0 then addEqC(CL, (eq ’variables[{Q}’Term] = {’empty-var}’VarSet .) (eq ’safeVar[{Q}’Term] = {’empty-var}’VarSet .) (eq ’subst[{Q}’Term,’V,’T] = {Q}’Term .) ES) else addEqC(CL, (eq ’variables[Q[genArgs(’E,N)]] = ’_U_[auxEq1(’variables,N)] .) (eq ’safeVar[Q[genArgs(’E,N)]] = ’_U_[auxEq1(’safeVar,N)] .) (eq ’subst[Q[genArgs(’E,N)],’V,’T] = Q[auxEq2(N)] .) ES) fi .

The reason why we distinguish two cases is that the metarepresentation of constants in Maude’s metalevel is not a particular case of the general metarepresentation of terms whose top symbol has arity greater than zero. The corresponding case for addEqF is entirely equal except for one of the equations associated to safeVar. Finally, we are only left with the metarepresentation of the rules in Maude corresponding to the CLNC-rules. Rules ID, BD, OB1, OB2, IB, EL and CY pose no problem, as they are theory independent and so are their metarepresentations. op ruleCRWL : -> RuleSet . eq ruleCRWL = (crl[’ID] : ’goal[’UVars,’SP,’PP,’__[’join[’V,’V],’JP]] => ’goal[’UVars,’SP,’PP,’JP] if ’not_[’_in_[’V,’producedVar[’PP]]] = {’true}’Bool .) (crl[’BD] : ’goal[’UVars,’SP,’PP,’__[’join[’V,’T],’JP]] => ’goal[’UVars,’__[’eq[’V,’T],’subst[’SP,’V,’T]], ’subst[’PP,’V,’T],’subst[’JP,’V,’T]] if ’_and_[’_==_[’intersection[’variables[’T], ’producedVar[’PP]], {’empty-var}’VarSet], ’not_[’_in_[’V,’_U_[’variables[’T], ’producedVar[’PP]]]]] = {’true}’Bool .) (crl[’OB1] : ’goal[’UVars,’SP,’__[’approx[’V,’T],’PP],’JP] => ’goal[’UVars,’__[’eq[’V,’T],’subst[’SP,’V,’T]], ’subst[’PP,’V,’T],’subst[’JP,’V,’T]] if ’_and_[’not_[’T : ’Var], ’not_[’_in_[’V,’producedVar[’PP]]]] = {’true}’Bool .) (crl[’OB2] : ’goal[’UVars,’SP,’__[’approx[’V,’T],’PP],’JP] =>

92

§19. A Maude Interpreter for CRWL ’goal[’UVars,’SP,’subst[’PP,’V,’T],’subst[’JP,’V,’T]] if ’_and_[’not_[’T : ’Var], ’_in_[’V,’producedVar[’PP]]] = {’true}’Bool .) (rl[’IB] : ’goal[’UVars,’SP,’__[’approx[’T,’V],’PP],’JP] => ’goal[’UVars,’SP,’subst[’PP,’V,’T],’subst[’JP,’V,’T]] .) (crl[’EL] : ’goal[’UVars,’SP,’__[’approx[’E,’V],’PP],’JP] => ’goal[’UVars,’SP,’PP,’JP] if ’not_[’_in_[’V,’_U_[’variables[’PP], ’variables[’JP]]]] = {’true}’Bool .) (crl[’CY] : ’goal[’UVars,’SP,’PP,’__[’join[’V,’E],’JP]] => {’FAIL}’Goal if ’_and_[’_=/=_[’V,’E],’_in_[’V,’safeVar[’E]]] = {’true}’Bool .) .

For the rest of the rules things become a bit harder. Let us first examine how the metarepresentation of the rules corresponding to DC1, an easy one, is obtained. We will have to generate one metarepresentation for each constructor symbol. The only point worth mentioning here is the auxiliary zip-like function _joinTerm_ which, given two lists of metaterms, returns a list of terms metarepresenting the join of corresponding terms in the lists. op _joinTerms_ : TermList TermList -> TermList . op ruleDC1 : ConstructorL -> RuleSet . eq T1 joinTerms T2 = ’join[T1,T2] . eq ( T1,TL1 ) joinTerms ( T2,TL2 ) = ’join[T1,T2], (TL1 joinTerms TL2) . eq ruleDC1(nilC) = none . eq ruleDC1(consC(cSymbol(Q,N),CL)) = if N > 0 then rl[’DC1] : ’goal[’UVars,’SP,’PP, ’__[’join[Q[genArgs(’A,N)], Q[genArgs(’B,N)]],’JP]] => ’goal[’UVars,’SP,’PP, ’__[genArgs(’A,N) joinTerms genArgs(’B,N), ’JP]] . ruleDC1(CL) else rl[’DC1] : ’goal[’UVars,’SP,’PP,’__[’join[{Q}’Term, {Q}’Term],’JP]] => ’goal[’UVars,’SP,’PP,’JP] . ruleDC1(CL) fi .

Again, the reason to distinguish two cases in the definition of ruleDC1 is imposed (mainly, though not uniquely) by the way terms are metarepresented in Maude.


93

Some of the remaining rules make use of fresh variables and, to create them, we introduce the function genNewVars which, given the metarepresentation of a set of variables and a positive integer n, returns a list of n terms metarepresenting variables different from those in the original set. op genNewVars : Term MachineInt -> TermList . eq genNewVars(Q,N) = if N > 1 then ’new[Q],genNewVars(’_U_[Q,’new[Q]],_-_(N,1)) else ’new[Q] fi .

genNewVars is used, for example, in the construction of the metarepresentation of the rules corresponding to IIM. The operation _approxTerms_ also appearing in it is the equivalent to _joinTerms_ for approx. op ruleIIM : ConstructorL -> RuleSet . eq ruleIIM(nilC) = none . eq ruleIIM(consC(cSymbol(Q,N),CL)) = if N > 0 then crl[’IIM]: ’goal[’UVars,’SP, ’__[’approx[Q[genArgs(’E,N)],’V],’PP],’JP] => ’goal[’_U_[genNewVars(’UVars,N),’UVars],’SP, ’subst[’__[genArgs(’E,N) approxTerms genNewVars(’UVars,N),’PP], ’V,Q[genNewVars(’UVars,N)]], ’subst[’JP,’V,Q[genNewVars(’UVars,N)]]] if ’_and_[’not_[Q[genArgs(’E,N)] : ’Term], ’_in_[’V,’demandVar[’JP]]] = {’true}’Bool . ruleIIM(CL) else ruleIIM(CL) fi .

Rule CF2 (and CF1) poses a different difficulty. Now we have to metarepresent a rule for each pair of constructor symbols, so we will need to declare sorts to build pairs and operations to cope with them. sorts PairC PairCL . subsort PairC < PairCL . op : Constructor Constructor -> PairC [ctor] . op nilP : -> PairCL [ctor] . op consP : PairCL PairCL -> PairCL [ctor assoc id: nilP] . op pairsL : ConstructorL -> PairCL .

The operation pairsL returns a list of all possible pairs of constructors in the signature and, with this information, ruleCF2Aux undertakes the rest of the work.

94


op createTerm : Qid Qid MachineInt -> Term . eq createTerm(Q, Q0, N) = if N > 0 then Q[genArgs(Q0,N)] else {Q}’Term fi . op op eq eq eq

ruleCF2 : ConstructorL -> RuleSet . ruleCF2Aux : PairCL -> RuleSet . ruleCF2(CL) = ruleCF2Aux(pairsL(CL)) . ruleCF2Aux(nilP) = none . ruleCF2Aux(consP(< cSymbol(Q,N), cSymbol(Q0,N0) >,PCL)) = (rl[’CF2]: ’goal[’UVars,’SP, ’__[’approx[createTerm(Q,’E,N), createTerm(Q0,’T,N0)],’PP], ’JP] => {’FAIL}’Goal .) (rl[’CF2]: ’goal[’UVars,’SP, ’__[’approx[createTerm(Q0,’E,N0), createTerm(Q,’T,N)],’PP], ’JP] => {’FAIL}’Goal .) ruleCF2Aux(PCL) .

The only purpose of the operation createTerm is to save typing by avoiding to have to distinguish the case n = 0. It was not used in previous occassions because additional modifications would have been required. The only rules not totally covered by the techniques described above are NR1 and NR2. These are, by far, the more difficult rules to metarepresent. The reason is that when we use an instance of a program rule we must employ fresh variables and we are entrusted with, first, creating them, and then performing the necessary substitutions so as to rename the original rule. However, this is an issue bearing no special interest and which can be solved with a slight extension of the methods we have already employed. As the details of this part are extensive and contribute with nothing really new, we do not include them here; they can be found in Appendix B. 19.2.3 Building a depth-first strategy The functional module we have just finished explaining simply supplies us with a metarepresentation of a module simulating CLNC for some CRWL theory, and naively applying to it the descent functions to solve goals will not work, as the nondeterminism is still there. What remains to be done is, taking advantage of the reflective capabilities of Maude, to build a module defining a strategy in order to control the rewriting of a term and the search in the tree of possible rewritings of a term. Our inspiration in this regard comes from [25], from which we borrow some of the operations explained in this section.


95

The module implementing the search strategy is parameterized with respect to two constants, equal to the metarepresentation of the Maude module which we want to work with and the list of rules in the module we are allowed to apply, respectively. (fth AMODULE is including META-LEVEL . op MOD : -> Module . op labels : -> QidList . endfth)

Parameterized modules, theories, and views are not directly supported by Maude, but belong to an extension called Full Maude. Parameterized datatypes use theories to specify the requirements the parameters must satisfy, while views perform the instantiations. Unlike that of modules, the semantics of theories is loose. The new syntax introduced is minimal and, hopefully, self-explanatory. Note however that the input to Full Maude must be given enclosed in parentheses. More details can be found in [9, 8, 11]. The module containing the strategy will be the parameterized module SEARCH[M :: MODULE]. The strategy controls the possible rewritings of a term by means of the descent function meta-apply. meta-apply returns one of the possible rewritings at the top level of a given term. Our first step will be to define an operation allRew that returns all the possible one-step rewritings of a given term by using rewrite rules with labels in the list labels. We first need to extend the sort TermList with an identity element. (mod SEARCH[M :: AMODULE] is including META-LEVEL . op ~ : -> TermList [ctor] . var TL : TermList . eq ~, TL = TL . eq TL, ~ = TL .

The operations needed to find all the possible rewritings, and their definitions, are as follows. var T : Term . var SB : Substitution . op extTerm : ResultPair -> Term . eq extTerm({T, SB}) = T .

96 op op op op op

§19. A Maude Interpreter for CRWL allRew : Term QidList -> TermList . topRew : Term Qid MachineInt -> TermList . lowerRew : Term Qid -> TermList . rewArguments : Qid TermList TermList Qid -> TermList . rebuild : Qid TermList TermList TermList -> TermList .

var LS : QidList . vars L C S OP : Qid . vars Before After : TermList . var N : MachineInt . eq allRew(T, nil) = ~ . eq allRew(T, L LS) = topRew(T, L, 0), *** rewriting at the top of T with label L lowerRew(T, L), *** rewriting of (proper) subterms with label L allRew(T, LS) . *** rewriting with labels LS eq topRew(T, L, N) = if extTerm(meta-apply(MOD, T, L, none, N)) == error* then ~ else extTerm(meta-apply(MOD, T, L, none, N)), topRew(T, L, N + 1) fi . eq lowerRew({C}S, L) = ~ . eq lowerRew(OP[TL], L) = rewArguments(OP, ~, TL, L) . eq rewArguments(OP, Before, T, L) = rebuild(OP, Before, allRew(T, L), ~) . eq rewArguments(OP, Before, (T, After), L) = rebuild(OP, Before, allRew(T, L), After) , rewArguments(OP, (Before, T), After, L) . eq rebuild(OP, Before, ~, After) = ~ . eq rebuild(OP, Before, T, After) = meta-reduce(MOD, OP[Before, T, After]) . eq rebuild(OP, Before, (T, TL), After) = meta-reduce(MOD, OP[Before, T, After]), rebuild(OP, Before, TL, After) .

In order for our strategy to be as general as possible, we assume that our metarepresented module MOD has an operation ok which returns a value of sort Answer such that ok(T) = solution, maybe-sol or no-solution depending on whether the term T is one of the terms we are looking for, it is not but may rewrite to one of those, or it is not and no solution can be found below it in the tree. In our case, this means that we must modify our module MAP-PHI so that the constants sortCRWL, opCRWL, and eqCRWL also include the metarepresentation of the following:


97

sort Answer . ops solution maybe-sol no-solution : -> Answer [ctor] . op ok : Goal -> Answer . eq ok(FAIL) = no-solution . eq ok(goal(UVars, SP, PP, JP)) = if (PP == empty-approx) and (JP == empty-join) then solution else maybe-sol fi .

This definition of ok is suitable because it is proved in [14] that if a goal is not in solved form and is different from FAIL then there exists some CLNC transformation applicable to it. Now we can define a strategy that searches through the tree of possible rewritings in a depth-first manner. op rewDepth : TermList -> Term . eq rewDepth(~) = error* . eq rewDepth(T) = if meta-reduce(MOD, ’ok[T]) == {’solution}’Answer then T else (if meta-reduce(MOD, ’ok[T]) == {’no-solution}’Answer then T else rewDepth(allRew(T, labels)) fi) fi . eq rewDepth( (T,TL) ) = if meta-reduce(MOD, ’ok[T]) == {’solution}’Answer then T else (if meta-reduce(MOD, ’ok[T]) == {’no-solution}’Answer then rewDepth(TL) else rewDepth( (allRew(T, labels), TL) ) fi) fi . endm)

Note that the first equation associated to rewDepth is never used; in the second, if ok applied to the term gives no-solution, then the term must be FAIL and is returned as answer, as all the tree has already been explored. (Applying this strategy to another module might require a slight modification of these points.) Let us now look at how to use this strategy to solve goals, using again our example of the natural numbers. We first need to get the metarepresentation of the module associated to it. (mod MAP-PHI-NAT is

98


including MAP-PHI . op consNat : -> ConstructorL . op funcNat : -> FunctionL . op rulNat : -> RuleCRWLL . eq consNat = consC(cSymbol(’zero, 0), consC(cSymbol(’s, 1),nilC)) . eq funcNat = consF(fSymbol(’+, 2), consF(fSymbol(’*, 2), nilF)) . eq rulNat = consR( ’+[’v[{’0}’MachineInt],{’zero}’Term] -> ’v[{’0}’MachineInt] ’s[’+[’v[{’1}’MachineInt],’v[{’3}’MachineInt]]] {’zero}’Term ’+[’*[’v[{’0}’MachineInt],’v[{’1}’MachineInt]], ’v[{’0}’MachineInt]] Module . op CLNClabels : -> QidList . eq METANAT = phi(crwlth(consNat, funcNat, rulNat)) . eq CLNClabels = ’DC1 ’ID ’BD ’IM ’NR1 ’DC2 ’OB1 ’OB2 ’IB ’IIM ’EL ’NR2 ’CF1 ’CY ’CF2 . endm)

We then declare a view and instantiate the module SEARCH with it. (view ModuleEx from AMODULE to MAP-PHI-NAT is op MOD to METANAT . op labels to CLNClabels . endv) (mod SEARCH-NAT is protecting SEARCH[ModuleEx] endm)

And now, the problematic goal goal(v(0), empty-eq, empty-approx, join(*(v(0),s(zero)),zero))

does not longer lead to FAIL:

§20. Conclusions

99

Maude> (red rewDepth(’goal[’v[{’0}’MachineInt], {’empty-eq}’SolvedPart, {’empty-approx}’ProducedPart, ’join[’*[’v[{’0}’MachineInt],’s[{’zero}’Term]], {’zero}’Term]]) .) Result Term : ’goal[’_U_[’v[{’0}’MachineInt], ’v[{’1}’MachineInt], ’v[{’2}’MachineInt], ’v[{’3}’MachineInt], ’v[{’4}’MachineInt]], ’eq[’v[{’0}’MachineInt], {’zero}’Term], {’empty-approx}’ProducedPart, {’empty-join}’JoinPart]

At this point some remarks should be made. As it was pointed out before and this last example makes clear again, the interface of this module is somewhat cumbersome and, in order to work realistically with it, a parser should be developed. In this regard, it should be mentioned that there exist in Full Maude two functions called up and down that automatically shift from the object-level to the meta-level representation, and vice versa, and that could be used to avoid some of the “cumbersomity”. In addition, the resolution of goals is time-consuming. Among the reasons for this slowness are the fact that we are working at the metalevel, the multitude of equational attributes (comm, assoc, id) in the declarations of the operations (so that rewriting has to be performed modulo them), and that the search strategy we have chosen (depth-first search) is not efficient. (In T OY, an experimental language and system that implements the CRWL paradigm, a different set of rules from those of CLNC is used, together with a demand driven computational strategy to apply them.) On the other hand, the approach we have followed has been easy to develop, and can be extended without difficulty.

§20.

Conclusions

The main outcome of the research carried out in this paper has been the clarification of the relationship between RL and CRWL. Both logics have been proved to be expressive enough to simulate deduction in each other in a simple way. On the other hand, neither can RL be considered as a sublogic of CRWL, nor can CRWL with respect to RL, and this certainly was not something we had expected. During the preparation of this work we have been forced to take a close look at the notions of entailment system and institution, and the difficulties we have found have shown us that intuition can be misleading in this field. The conclusion we have reached is that it would be very convenient to develop some kind of generalization of these concepts. One reason supporting this claim is the fact that, although it seems

100

§20. Conclusions

clear that CRWL should fit within the frame of entailment systems, the lack of the transitivity property forbids it to be considered so. In addition, there have been several occasions wherein we have had to make a distinction between two types of sentences within the same logic. The most outstanding case was that of labelled and unlabelled rewrite rules in RL, but we should also emphasize that rules in CRWLprograms are a restricted class of the more general class of reduction statement, and that, when we talked about reflection, we had to “weaken” its definition in order to encompass some of the results about RL, due to conditional sentences not being treated like unconditional ones. What all these examples have in common is that sentences belonging to a theory are given a different treatment from the rest of sentences and, with the current definitions of entailment system and institution, there is no way of taking this distinction into account. For future work, besides the generalizations just mentioned, it would be interesting to complete the definition of the institution IRL with signature morphisms (morphisms of RL-theories), as well as finding a more illustrative example showing the reasons why RL is not embeddable in CRWL.

References [1] Puri Arenas-Sánchez and Mario Rodr´ıguez-Artalejo. A general framework for lazy functional logic programming with algebraic polymorphic types. Theory and Practice of Logic Programming, 1(2):185–245, March 2001. [2] Purificaci´ on Arenas-Sánchez. Programaci´ on Declarativa con Restricciones sobre Tipos de Datos Algebraicos. PhD thesis, Universidad Complutense de Madrid, Spain, December 1998. [3] Purificaci´ on Arenas-Sánchez, Francisco J. López-Fraguas, and Mario Rodr´ıguez-Artalejo. Embedding multiset constraints into a lazy functional logic language. In Catuscia Palamidessi, Hugh Glaser, and Karl Meinke, editors, Principles of Declarative Programming, 10th International Symposium, PLIP’98 Held Jointly with the 6th Conference ALP’98, Pisa, Italy, September 16–18, 1998, Proceedings, volume 1490 of Lecture Notes in Computer Science, pages 429–444. Springer-Verlag, 1998. [4] Michael Barr and Charles Wells. Category Theory for Computing Science. Centre de Recherches Mathématiques, third edition, 1999. [5] Adel Bouhoula, Jean-Pierre Jouannaud, and José Meseguer. Specification and proof in membership equational logic. Theoretical Computer Science, 236:35– 132, 2000.

§20. Conclusions

101

[6] Manuel Clavel. Reflection in General Logics and in Rewriting Logic, with Applications to the Maude Language. PhD thesis, Universidad de Navarra, Spain, February 1998. [7] Manuel Clavel. Reflection in Rewriting Logic: Metalogical Foundations and Metaprogramming Applications. CSLI Lecture Notes. CSLI Publications, 2000. [8] Manuel Clavel, Francisco Durán, Steven Eker, Patrick Lincoln, Narciso Mart´ıOliet, José Meseguer, and José F. Quesada. Maude: Specification and programming in rewriting logic. Manual distributed as documentation of the Maude system, Computer Science Laboratory, SRI International. http://maude.csl. sri.com/manual, January 1999. [9] Manuel Clavel, Francisco Durán, Steven Eker, Patrick Lincoln, Narciso Mart´ıOliet, José Meseguer, and José F. Quesada. A Maude tutorial. Tutorial distributed as documentation of the Maude system, Computer Science Laboratory, SRI International. Presented at the European Joint Conference on Theory and Practice of Software, ETAPS 2000, Berlin, Germany, March 25, 2000. http://maude.csl.sri.com/tutorial, March 2000. [10] Manuel Clavel and José Meseguer. Reflection in conditional rewriting logic. Theoretical Computer Science, 2001. To appear. [11] Francisco Durán. A Reflective Module Algebra with Applications to the Maude Language. PhD thesis, Universidad de Málaga, Spain, June 1999. http:// maude.csl.sri.com/papers. [12] Joseph Goguen and Rod Burstall. Institutions: Abstract model theory for specification and programming. Journal of the Association for Computing Machinery, 39(1):95–146, 1992. [13] Joseph A. Goguen and José Meseguer. Completeness of many-sorted equational logic. Houston Journal of Mathematics, 11(3):307–334, 1985. Preliminary version appeared in: SIGPLAN Notices, July 1981, Volume 16, Number 7, pages 24-37. [14] Juan Carlos González-Moreno, M. Teresa Hortalá-González, Francisco J. LópezFraguas, and Mario Rodr´ıguez-Artalejo. An approach to declarative programming based on a rewriting logic. Journal of Logic Programming, 40:47–87, 1999. [15] Juan Carlos González-Moreno, M. Teresa Hortalá-González, and Mario Rodr´ıguez-Artalejo. Polymorphic types in functional logic programming. Journal of Functional and Logic Programming, 2001. To appear. [16] J. Lambek. Subequalizers. Canadian Mathematical Bulletin, 13:337–349, 1970.

102

§20. Conclusions

[17] Saunders Mac Lane. Categories for the Working Mathematician. SpringerVerlag, second edition, 1998. [18] Narciso Mart´ı-Oliet and José Meseguer. Rewriting logic as a logical and semantic framework. Technical Report SRI-CSL-93-05, SRI International, Computer Science Laboratory, August 1993. To appear in D. Gabbay, editor, Handbook of Philosophical Logic, Second Edition, Volume 6, Kluwer Academic Publishers, 2001. http://maude.csl.sri.com/papers. [19] José Meseguer. General logics. In H.-D. Ebbinghaus, J. Fernández-Prida, M. Garrido, D. Lascar, and M. Rodr´ıguez-Artalejo, editors, Logic Colloquium’87, pages 275–329. North-Holland, 1989. [20] José Meseguer. Rewriting as a unified model of concurrency. Technical Report SRI-CSL-90-02, SRI International, Computer Science Laboratory, February 1990. Revised June 1990. [21] José Meseguer. Conditional rewriting logic as a unified model of concurrency. Theoretical Computer Science, 96(1):73–155, 1992. [22] José Meseguer. Membership algebra as a logical framework for equational specification. In Francesco Parisi-Presicce, editor, Recent Trends in Algebraic Development Techniques, 12th International Workshop, WADT’97, Tarquinia, Italy, June 3–7, 1997, Selected Papers, volume 1376 of Lecture Notes in Computer Science, pages 18–61. Springer-Verlag, 1998. [23] Hiroyuki Miyoshi. Modelling conditional rewriting logic in structured categories. In José Meseguer, editor, Proceedings First International Workshop on Rewriting Logic and its Applications, WRLA’96, Asilomar, California, September 3–6, 1996, volume 4 of Electronic Notes in Theoretical Computer Science, pages 20–34. Elsevier, 1996. http://www.elsevier.nl/locate/entcs/ volume4.html. [24] Juan Miguel Molina-Bravo. Modularidad en Programaci´ on L´ ogico-Funcional de Primer Orden. PhD thesis, Universidad de Málaga, December 2000. [25] Alberto Verdejo and Narciso Mart´ı-Oliet. Executing and verifying CCS in Maude. Technical Report 99-00, Departamento de Sistemas Informáticos y Programaci´ on, Universidad Complutense de Madrid, February 2000. http: //maude.csl.sri.com/casestudies/ccs.

§A. The Module NAT-CRWL

§A.

The Module NAT-CRWL

mod NAT-CRWL is protecting MACHINE-INT . sorts Var VarSet . subsort Var < VarSet . op op op op op op op

v : MachineInt -> Var [ctor] . empty-var : -> VarSet [ctor]. _U_ : VarSet VarSet -> VarSet [ctor assoc comm id: empty-var] . intersection : VarSet VarSet -> VarSet . _in_ : Var VarSet -> Bool . new : VarSet -> Var . maxIndex : VarSet -> MachineInt .

var N : MachineInt . vars V V’ : Var . vars VS VS’ : VarSet . eq V U V = V . eq V in empty-var = false . eq V in (V’ U VS) = (V == V’) or (V in VS) . eq maxIndex(empty-var) = 0 . eq maxIndex(v(N) U VS) = if (N > maxIndex(VS)) then N else maxIndex(VS) fi . eq new(VS) = v(maxIndex(VS) + 1) . eq intersection(VS,empty-var) = empty-var . eq intersection(VS,V U VS’) = if (V in VS) then (V U intersection(VS,VS’)) else intersection(VS,VS’) fi . sorts Term Expr Equation SolvedPart ApproxStatement ProducedPart JoinStatement JoinPart Goal . subsort Var < Term < Expr . op goal : VarSet SolvedPart ProducedPart JoinPart -> Goal [ctor] . op FAIL : -> Goal [ctor] . subsort Equation < SolvedPart . op eq : Var Term -> Equation [ctor] . op empty-eq : -> SolvedPart [ctor] . op __ : SolvedPart SolvedPart -> SolvedPart [ctor assoc comm id: empty-eq] .

103

104


var EQ : Equation . eq EQ EQ = EQ . *** the solved part is a set subsort ApproxStatement < ProducedPart . op approx : Expr Term -> ApproxStatement [ctor] . op empty-approx : -> ProducedPart [ctor] . op __ : ProducedPart ProducedPart -> ProducedPart [ctor assoc comm id: empty-approx] . subsort JoinStatement < JoinPart . op join : Expr Expr -> JoinStatement [ctor comm] . op empty-join : -> JoinPart [ctor] . op __ : JoinPart JoinPart -> JoinPart [ctor assoc comm id: empty-join] . subsort JoinStatement < JoinPart . op join : Expr Expr -> JoinStatement [comm] . op empty-join : -> JoinPart . op __ : JoinPart JoinPart -> JoinPart [assoc comm id: empty-join] . op zero : -> Term [ctor] . op s : Expr -> Expr [ctor] . op s : Term -> Term [ctor] . ops + * : Expr Expr -> Expr [ctor] . vars E E’ : Expr . vars E1 E2 A1 A2 B1 B2 : Expr . var T T’ : Term . var SP : SolvedPart . var AS : ApproxStatement . var PP : ProducedPart . var JS : JoinStatement . var JP : JoinPart . var UVars : VarSet . op op op eq eq eq eq eq eq eq

variables : Expr -> VarSet . variables : ProducedPart -> VarSet . variables : JoinPart -> VarSet . variables(V) = V . variables(zero) = empty-var . variables(s(E)) = variables(E) . variables(+(E,E’)) = variables(E) U variables(E’) . variables(*(E,E’)) = variables(E) U variables(E’) . variables(empty-approx) = empty-var . variables(approx(E,E’) PP) = variables(E) U variables(E’) U variables(PP) . eq variables(empty-join) = empty-var . eq variables(join(E,E’) JP) = variables(E) U variables(E’) U

§A. The Module NAT-CRWL variables(JP) . op eq eq eq eq eq

safeVar : Expr -> VarSet . safeVar(V) = V . safeVar(zero) = empty-var . safeVar(s(E)) = safeVar(E) . safeVar(+(E,E’)) = empty-var . safeVar(*(E,E’)) = empty-var .

op producedVar : ProducedPart -> VarSet . eq producedVar(empty-approx) = empty-var . eq producedVar(approx(E,E’) PP) = variables(E’) U producedVar(PP) . op demandVar : JoinPart -> VarSet . eq demandVar(empty-join) = empty-var . eq demandVar(join(V,V’) JP) = V U V’ U demandVar(JP) . ceq demandVar(join(V,E’) JP) = V U demandVar(JP) if not (E’ : Var) . ceq demandVar(join(E,E’) JP) = demandVar(JP) if not (E : Var) and not (E’ : Var) . op subst : Expr Var Term -> Expr . op subst : SolvedPart Var Term -> SolvedPart . op subst : ProducedPart Var Term -> ProducedPart . op subst : JoinPart Var Term -> JoinPart . ceq subst(V’,V,T) = T if V’ == V . ceq subst(V’,V,T) = V’ if V’ =/= V . eq subst(zero,V,T) = zero . eq subst(s(E),V,T) = s(subst(E,V,T)) . eq subst(+(E,E’),V,T) = +(subst(E,V,T),subst(E’,V,T)) . eq subst(*(E,E’),V,T) = *(subst(E,V,T),subst(E’,V,T)) . eq subst(empty-eq,V,T) = empty-eq . eq subst(eq(V’,T’) SP,V,T) = eq(V’,subst(T’,V,T)) subst(SP,V,T) . eq subst(empty-approx,V,T) = empty-approx . eq subst(approx(E,E’) PP,V,T) = approx(subst(E,V,T),subst(E’,V,T)) subst(PP,V,T) . eq subst(empty-join,V,T) = empty-join . eq subst(join(E,E’) JP,V,T) = join(subst(E,V,T),subst(E’,V,T)) subst(JP,V,T) .

*** rules for joinability rl [DC1] : goal(UVars,SP,PP,join(zero,zero) JP) => goal(UVars,SP,PP,JP) . rl [DC1] : goal(UVars,SP,PP,join(s(A1),s(B1)) JP) => goal(UVars,SP,PP,join(A1,B1) JP) . crl [ID] : goal(UVars,SP,PP,join(V,V) JP) => goal(UVars,SP,PP,JP)

105

106

§A. The Module NAT-CRWL if not (V in producedVar(PP)) .

crl [BD] : goal(UVars,SP,PP,join(V,T) JP) => goal(UVars,eq(V,T) subst(SP,V,T),subst(PP,V,T),subst(JP,V,T)) if intersection(variables(T),producedVar(PP)) == empty-var and not V in (variables(T) U producedVar(PP)) . crl [IM] : goal(UVars,SP,PP,join(V,s(E)) JP) => goal(new(UVars) U UVars, eq(V,s(new(UVars))) subst(SP,V,s(new(UVars))), subst(PP,V,s(new(UVars))), subst(join(new(UVars),E) JP,V,s(new(UVars)))) if (not (s(E) : Term) or intersection(variables(s(E)),producedVar(PP)) =/= empty-var) and not (V in producedVar(PP)) and not (V in safeVar(s(E))) . rl [NR1] : goal(UVars,SP,PP,join(+(E1,E2),E) JP) => goal(new(UVars) U UVars,SP, approx(E1,new(UVars)) approx(E2,zero) PP, join(new(UVars),E) JP) . rl [NR1] : goal(UVars,SP,PP,join(+(E1,E2),E) JP) => goal(new(new(UVars) U UVars) U UVars,SP, approx(E1,new(UVars)) approx(E2,s(new(new(UVars) U UVars))) PP, join(s(+(new(UVars),new(new(UVars) U UVars))),E) JP) . rl [NR1] : goal(UVars,SP,PP,join(*(E1,E2),E) JP) => goal(new(UVars) U UVars,SP, approx(E1,new(UVars)) approx(E2,zero) PP, join(zero,E) JP) . rl [NR1] : goal(UVars,SP,PP,join(*(E1,E2),E) JP) => goal(new(new(UVars) U UVars) U UVars,SP, approx(E1,new(UVars)) approx(E2,s(new(new(UVars) U UVars))) PP, join(+(*(new(UVars),new(new(UVars) U UVars)), new(UVars)),E) JP) . *** rules for reduction rl [DC2] : goal(UVars,SP,approx(zero,zero) PP,JP) => goal(UVars,SP,PP,JP) . rl [DC2] : goal(UVars,SP,approx(s(E),s(T)) PP,JP) => goal(UVars,SP,approx(E,T) PP,JP) . crl [OB1] : goal(UVars,SP,approx(V,T) PP,JP) => goal(UVars,eq(V,T) subst(SP,V,T),subst(PP,V,T),


107

subst(JP,V,T)) if (not T : Var) and not (V in producedVar(PP)) . crl [OB2] : goal(UVars,SP,approx(V,T) PP,JP) => goal(UVars,SP,subst(PP,V,T),subst(JP,V,T)) if (not T : Var) and (V in producedVar(PP)) . rl [IB] : goal(UVars,SP,approx(T,V) PP,JP) => goal(UVars,SP,subst(PP,V,T),subst(JP,V,T)) . crl [IIM] : goal(UVars,SP,approx(s(E),V) PP,JP) => goal(new(UVars) U UVars,SP, subst(approx(E,new(UVars)) PP,V,s(new(UVars))), subst(JP,V,s(new(UVars)))) if not (s(E) : Term) and (V in demandVar(JP)) . crl [EL] : goal(UVars,SP,approx(E,V) PP,JP) => goal(UVars,SP,PP,JP) if not (V in (variables(PP) U variables(JP))) . crl [NR2] : goal(UVars,SP,approx(+(E1,E2),T) PP,JP) => goal(new(UVars) U UVars,SP, approx(E1,new(UVars)) approx(E2,zero) approx(new(UVars),T) PP, JP) if (not T : Var) or (T in demandVar(JP)) . crl [NR2] : goal(UVars,SP,approx(+(E1,E2),T) PP,JP) => goal(new(new(UVars) U UVars) U UVars,SP, approx(E1,new(UVars)) approx(E2,s(new(new(UVars) U UVars))) approx(s(+(new(UVars),new(new(UVars) U UVars))),T) PP, JP) if (not T : Var) or (T in demandVar(JP)) . crl [NR2] : goal(UVars,SP,approx(*(E1,E2),T) PP,JP) => goal(new(UVars) U UVars,SP, approx(E1,new(UVars)) approx(E2,zero) approx(zero,T) PP, JP) if (not T : Var) or (T in demandVar(JP)) . crl [NR2] : goal(UVars,SP,approx(*(E1,E2),T) PP,JP) => goal(new(new(UVars) U UVars) U UVars,SP, approx(E1,new(UVars)) approx(E2,s(new(new(UVars) U UVars))) approx(+(*(new(UVars),new(new(UVars) U UVars)), new(UVars)),T) PP, JP) if (not T : Var) or (T in demandVar(JP)) . *** failure rules

108

§B. The Module MAP-PHI

rl [CF1] : goal(UVars,SP,PP,join(zero,s(E)) JP) => FAIL . crl [CY] : goal(UVars,SP,PP,join(V,E) JP) => FAIL if (V =/= E) and (V in safeVar(E)) . rl [CF2] : goal(UVars,SP,approx(zero,s(E)) PP,JP) => FAIL . rl [CF2] : goal(UVars,SP,approx(s(E),zero) PP,JP) => FAIL . endm

§B.

The Module MAP-PHI

This code already includes the metarepresentation of the sort Answer and its associated operations mentioned on page 96. (fmod MAP-PHI is protecting META-LEVEL . protecting MACHINE-INT . protecting BOOL . sorts Constructor ConstructorL Function FunctionL RuleCRWL RuleCRWLL CRWLTheory PairTerm PairTermL . op cSymbol : Qid MachineInt -> Constructor [ctor]. op nilC : -> ConstructorL [ctor] . op consC : Constructor ConstructorL -> ConstructorL [ctor] . op fSymbol : Qid MachineInt -> Function [ctor] . op nilF : -> FunctionL [ctor] . op consF : Function FunctionL -> FunctionL [ctor] . op op op op op op

: Term Term -> PairTermL [ctor] . nilPT : -> PairTermL [ctor] . consPT : PairTerm PairTermL -> PairTermL [ctor] . _->_ RuleCRWL [ctor] . nilR : -> RuleCRWLL [ctor] . consR : RuleCRWL RuleCRWLL -> RuleCRWLL [ctor] .

op crwlth : ConstructorL FunctionL RuleCRWLL -> CRWLTheory [ctor] . op phi : CRWLTheory -> Module . var CL : ConstructorL . var R : RuleCRWL .

var FL : FunctionL . var RL : RuleCRWLL .

§B. The Module MAP-PHI var var var var

ODS : OpDeclSet . ES : EquationSet . Q Q0 : Qid . T T1 T2 : Term .

109

var VDS : VarDeclSet . var M N N0 : MachineInt . var TL TL1 TL2 : TermList .

op sortCRWL : -> SortDecl . eq sortCRWL = (sorts ’Var ; ’VarSet ; ’Term ; ’Expr ; ’Equation ; ’SolvedPart ; ’ApproxStatement ; ’ProducedPart ; ’JoinStatement ; ’JoinPart ; ’Goal ; ’Answer .) . op subsortCRWL : -> SubsortDeclSet . eq subsortCRWL = (subsort ’Var < ’VarSet .) (subsort ’Var < ’Term .) (subsort ’Term < ’Expr .) (subsort ’Equation < ’SolvedPart .) (subsort ’ApproxStatement < ’ProducedPart .) (subsort ’JoinStatement < ’JoinPart .) . op opCRWL : -> OpDeclSet . eq opCRWL = (op ’solution : nil -> ’Answer [ctor] .) (op ’maybe-sol : nil -> ’Answer [ctor] .) (op ’no-solution : nil -> ’Answer [ctor] .) (op ’ok : ’Goal -> ’Answer [none] .) (op ’v : ’MachineInt -> ’Var [ctor] .) (op ’empty-var : nil -> ’VarSet [ctor] .) (op ’_U_ : ’VarSet ’VarSet -> ’VarSet [ctor assoc comm id({’empty-var}’VarSet)] .) (op ’intersection : ’VarSet ’VarSet -> ’VarSet [none] .) (op ’_in_ : ’Var ’VarSet -> ’Bool [none] .) (op ’new : ’VarSet -> ’Var [none] .) (op ’maxIndex : ’VarSet -> ’MachineInt [none] .) (op ’goal : ’VarSet ’SolvedPart ’ProducedPart ’JoinPart -> ’Goal [ctor] .) (op ’FAIL : nil -> ’Goal [ctor] .) (op ’eq : ’Var ’Term -> ’Equation [ctor] .) (op ’empty-eq : nil -> ’SolvedPart [ctor] .) (op ’__ : ’SolvedPart ’SolvedPart -> ’SolvedPart [ctor assoc comm id({’empty-eq}’SolvedPart)] .) (op ’approx : ’Expr ’Term -> ’ApproxStatement [ctor] .) (op ’empty-approx : nil -> ’ProducedPart [ctor] .) (op ’__ : ’ProducedPart ’ProducedPart -> ’ProducedPart [ctor assoc comm id({’empty-approx}’ProducedPart)] .) (op ’join : ’Expr ’Expr -> ’JoinStatement [ctor comm] .) (op ’empty-join : nil -> ’JoinPart [ctor] .) (op ’__ : ’JoinPart ’JoinPart -> ’JoinPart [ctor assoc comm id({’empty-join}’JoinPart)] .) (op ’variables : ’Expr -> ’VarSet [none] .) (op ’variables : ’ProducedPart -> ’VarSet [none] .)

110

§B. The Module MAP-PHI (op (op (op (op (op (op (op (op (op

’variables : ’JoinPart -> ’VarSet [none] .) ’safeVar : ’Expr -> ’VarSet [none] .) ’producedVar : ’ProducedPart -> ’VarSet [none] .) ’demandVar : ’JoinPart -> ’VarSet [none] .) ’subst : ’Expr ’Var ’Term -> ’Expr [none] .) ’subst : ’Term ’Var ’Term -> ’Term [none] .) ’subst : ’SolvedPart ’Var ’Term -> ’SolvedPart [none] .) ’subst : ’ProducedPart ’Var ’Term -> ’ProducedPart [none] .) ’subst : ’JoinPart ’Var ’Term -> ’JoinPart [none] .) .

op repeatL : Qid MachineInt -> QidList . op addC : ConstructorL OpDeclSet -> OpDeclSet . op addF : FunctionL OpDeclSet -> OpDeclSet . eq repeatL(Q, N) = if N > 0 then Q repeatL(Q, _-_(N,1)) else nil fi . eq addC(nilC, ODS) = ODS . eq addC(consC(cSymbol(Q,N),CL),ODS) = addC(CL,(op Q : repeatL(’Expr,N) -> ’Expr [ctor] .) (op Q : repeatL(’Term,N) -> ’Term [ctor] .) ODS) . eq addF(nilF,ODS) = ODS . eq addF(consF(fSymbol(Q,N),FL),ODS) = addF(FL,(op Q : repeatL(’Expr,N) -> ’Expr [ctor] .) ODS) . op varCRWL : -> VarDeclSet . eq varCRWL = (var ’N : ’MachineInt .) (var ’V : ’Var .) (var ’V0 : ’Var .) (var ’UVars : ’VarSet .) (var ’VS : ’VarSet .) (var ’VS0 : ’VarSet .) (var ’EQ : ’Equation .) (var ’SP : ’SolvedPart .) (var ’PP : ’ProducedPart .) (var ’JP : ’JoinPart .) (var ’E : ’Expr .) (var ’E0 : ’Expr .) (var ’T : ’Term .) (var ’T0 : ’Term .) . op op op op

max : MachineInt MachineInt -> MachineInt . maxC : ConstructorL -> MachineInt . maxF : FunctionL -> MachineInt . addVar : MachineInt VarDeclSet -> VarDeclSet .

eq eq eq eq eq eq

max(M,N) = if M > N then M else N fi . maxC(nilC) = 0 . maxC(consC(cSymbol(Q,N),CL)) = max(N,maxC(CL)) . maxF(nilF) = 0 . maxF(consF(fSymbol(Q,N),FL)) = max(N,maxF(FL)) . addVar(N,VDS) = if N > 0 then addVar(_-_(N,1), (var index(’A,N) : ’Expr .) (var index(’B,N) : ’Expr .) (var index(’E,N) : ’Expr .)


111

(var index(’T,N) : ’Term .) VDS) else VDS fi . op eqCRWL : -> EquationSet . eq eqCRWL = (eq ’ok[{’FAIL}’Goal] = {’no-solution}’Answer .) (eq ’ok[’goal[’UVars,’SP,{’empty-approx}’ProducedPart, {’empty-join}’JoinPart]] = {’solution}’Answer .) (eq ’_U_[’V,’V] = ’V .) (eq ’_in_[’V,{’empty-var}’VarSet] = {’false}’Bool .) (eq ’_in_[’V,’_U_[’V0,’VS]] = ’_or_[’_==_[’V,’V0],’_in_[’V,’VS]] .) (eq ’maxIndex[{’empty-var}’VarSet] = {’0}’MachineInt .) (eq ’maxIndex[’_U_[’v[’N],’VS]] = ’if_then_else_fi[’_>_[’N,’maxIndex[’VS]],’N,’maxIndex[’VS]] .) (eq ’new[’VS] = ’v[’_+_[’maxIndex[’VS],{’1}’MachineInt]] .) (eq ’intersection[’VS,{’empty-var}’VarSet] = {’empty-var}’VarSet .) (eq ’intersection[’VS,’_U_[’V,’VS0]] = ’if_then_else_fi[’_in_[’V,’VS],’_U_[’V,’intersection[’VS,’VS0]], ’intersection[’VS,’VS0]] .) (eq ’__[’EQ,’EQ] = ’EQ .) (eq ’variables[’V] = ’V .) (eq ’variables[{’empty-approx}’ProducedPart] = {’empty-var}’VarSet .) (eq ’variables[’__[’approx[’E,’E0],’PP]] = ’_U_[’variables[’E],’variables[’E0],’variables[’PP]] .) (eq ’variables[{’empty-join}’JoinPart] = {’empty-var}’VarSet .) (eq ’variables[’__[’join[’E,’E0],’JP]] = ’_U_[’variables[’E],’variables[’E0],’variables[’JP]].) (eq ’safeVar[’V] = ’V .) (eq ’producedVar[{’empty-approx}’ProducedPart] = {’empty-var}’VarSet .) (eq ’producedVar[’__[’approx[’E,’E0],’PP]] = ’_U_[’variables[’E0],’producedVar[’PP]] .) (eq ’demandVar[’__[’join[’V,’V0],’JP]] = ’_U_[’V,’V0,’demandVar[’JP]] .) (ceq ’demandVar[’__[’join[’V,’E0],’JP]] = ’_U_[’V,’demandVar[’JP]] if ’not_[’E0 : ’Var] = {’true}’Bool .) (ceq ’demandVar[’__[’join[’E,’E0],’JP]] = ’demandVar[’JP] if ’_and_[’not_[’E : ’Var],’not_[’E0 : ’Var]]= {’true}’Bool .) (eq ’demandVar[{’empty-join}’JoinPart] = {’empty-var}’VarSet .) (ceq ’subst[’V0,’V,’T] = ’T if ’_==_[’V0,’V] = {’true}’Bool .) (ceq ’subst[’V0,’V,’T] = ’V0 if ’_=/=_[’V0,’V] = {’true}’Bool .) (eq ’subst[{’empty-eq}’SolvedPart,’V,’T]= {’empty-eq}’SolvedPart .) (eq ’subst[’__[’eq[’V0,’T0],’SP],’V,’T] = ’__[’eq[’V0,’subst[’T0,’V,’T]],’subst[’SP,’V,’T]] .) (eq ’subst[{’empty-approx}’ProducedPart,’V,’T] =

112

§B. The Module MAP-PHI {’empty-approx}’ProducedPart .) (eq ’subst[’__[’approx[’E,’T0],’PP],’V,’T] = ’__[’approx[’subst[’E,’V,’T],’subst[’T0,’V,’T]], ’subst[’PP,’V,’T]] .) (eq ’subst[{’empty-join}’JoinPart,’V,’T] = {’empty-join}’JoinPart .) (eq ’subst[’__[’join[’E,’E0],’JP],’V,’T] = ’__[’join[’subst[’E,’V,’T],’subst[’E0,’V,’T]], ’subst[’JP,’V,’T]] .) .

op op op op op

genArgs : Qid MachineInt -> TermList . auxEq1 : Qid MachineInt -> TermList . auxEq2 : MachineInt -> TermList . addEqC : ConstructorL EquationSet -> EquationSet . addEqF : FunctionL EquationSet -> EquationSet .

eq genArgs(Q,N) = if N > 1 then genArgs(Q,_-_(N,1)),index(Q,N) else index(Q,1) fi . eq auxEq1(Q,N) = if N > 0 then auxEq1(Q,_-_(N,1)),Q[index(’E,N)] else {’empty-var}’VarSet fi . eq auxEq2(N) = if N > 1 then auxEq2(_-_(N,1)),’subst[index(’E,N),’V,’T] else ’subst[’E1,’V,’T] fi . eq addEqC(nilC,ES) = ES . eq addEqC(consC(cSymbol(Q,N),CL),ES) = if N == 0 then addEqC(CL, (eq ’variables[{Q}’Term] = {’empty-var}’VarSet .) (eq ’safeVar[{Q}’Term] = {’empty-var}’VarSet .) (eq ’subst[{Q}’Term,’V,’T] = {Q}’Term .) ES) else addEqC(CL, (eq ’variables[Q[genArgs(’E,N)]] = ’_U_[auxEq1(’variables,N)] .) (eq ’safeVar[Q[genArgs(’E,N)]] = ’_U_[auxEq1(’safeVar,N)] .) (eq ’subst[Q[genArgs(’E,N)],’V,’T] = Q[auxEq2(N)] .) ES) fi . eq addEqF(nilF,ES) = ES . eq addEqF(consF(fSymbol(Q,N),FL),ES) = if N == 0 then addEqF(FL, (eq ’variables[{Q}’Term] = {’empty-var}’VarSet .) (eq ’safeVar[{Q}’Term] = {’empty-var}’VarSet .) (eq ’subst[{Q}’Term,’V,’T] = {Q}’Term .) ES) else addEqF(FL, (eq ’variables[Q[genArgs(’E,N)]] = ’_U_[auxEq1(’variables,N)] .) (eq ’safeVar[Q[genArgs(’E,N)]] = {’empty-var}’VarSet .) (eq ’subst[Q[genArgs(’E,N)],’V,’T] = Q[auxEq2(N)] .) ES) fi . op ruleCRWL : -> RuleSet . eq ruleCRWL =


113

(crl[’ID] : ’goal[’UVars,’SP,’PP,’__[’join[’V,’V],’JP]] => ’goal[’UVars,’SP,’PP,’JP] if ’not_[’_in_[’V,’producedVar[’PP]]] = {’true}’Bool .) (crl[’BD] : ’goal[’UVars,’SP,’PP,’__[’join[’V,’T],’JP]] => ’goal[’UVars,’__[’eq[’V,’T],’subst[’SP,’V,’T]], ’subst[’PP,’V,’T],’subst[’JP,’V,’T]] if ’_and_[’_==_[’intersection[’variables[’T], ’producedVar[’PP]], {’empty-var}’VarSet], ’not_[’_in_[’V,’_U_[’variables[’T], ’producedVar[’PP]]]]] = {’true}’Bool .) (crl[’OB1] : ’goal[’UVars,’SP,’__[’approx[’V,’T],’PP],’JP] => ’goal[’UVars,’__[’eq[’V,’T],’subst[’SP,’V,’T]], ’subst[’PP,’V,’T],’subst[’JP,’V,’T]] if ’_and_[’not_[’T : ’Var], ’not_[’_in_[’V,’producedVar[’PP]]]] = {’true}’Bool .) (crl[’OB2] : ’goal[’UVars,’SP,’__[’approx[’V,’T],’PP],’JP] => ’goal[’UVars,’SP,’subst[’PP,’V,’T],’subst[’JP,’V,’T]] if ’_and_[’not_[’T : ’Var], ’_in_[’V,’producedVar[’PP]]] = {’true}’Bool .) (rl[’IB] : ’goal[’UVars,’SP,’__[’approx[’T,’V],’PP],’JP] => ’goal[’UVars,’SP,’subst[’PP,’V,’T],’subst[’JP,’V,’T]] .) (crl[’EL] : ’goal[’UVars,’SP,’__[’approx[’E,’V],’PP],’JP] => ’goal[’UVars,’SP,’PP,’JP] if ’not_[’_in_[’V,’_U_[’variables[’PP],’variables[’JP]]]] = {’true}’Bool .) (crl[’CY] : ’goal[’UVars,’SP,’PP,’__[’join[’V,’E],’JP]] => {’FAIL}’Goal if ’_and_[’_=/=_[’V,’E],’_in_[’V,’safeVar[’E]]] = {’true}’Bool .) . op op op op op op op op op

_joinTerms_ : TermList TermList -> TermList . _approxTerms_ : TermList TermList -> TermList . genNewVars : Term MachineInt -> TermList . ruleDC1 : ConstructorL -> RuleSet . ruleIM : ConstructorL -> RuleSet . ruleDC2 : ConstructorL -> RuleSet . ruleIIM : ConstructorL -> RuleSet . ruleCF1 : ConstructorL -> RuleSet . ruleCF2 : ConstructorL -> RuleSet .

eq T1 joinTerms T2 = ’join[T1,T2] . eq ( T1,TL1 ) joinTerms ( T2,TL2 ) = ’join[T1,T2], (TL1 joinTerms TL2) .

114


eq T1 approxTerms T2 = ’approx[T1,T2] . eq ( T1,TL1 ) approxTerms ( T2,TL2 ) = ’approx[T1,T2], (TL1 approxTerms TL2) . eq genNewVars(Q,N) = if N > 1 then ’new[Q],genNewVars(’_U_[Q,’new[Q]],_-_(N,1)) else ’new[Q] fi . eq ruleDC1(nilC) = none . eq ruleDC1(consC(cSymbol(Q,N),CL)) = if N > 0 then rl[’DC1] : ’goal[’UVars,’SP,’PP, ’__[’join[Q[genArgs(’A,N)], Q[genArgs(’B,N)]],’JP]] => ’goal[’UVars,’SP,’PP, ’__[genArgs(’A,N) joinTerms genArgs(’B,N), ’JP]] . ruleDC1(CL) else rl[’DC1] : ’goal[’UVars,’SP,’PP,’__[’join[{Q}’Term, {Q}’Term],’JP]] => ’goal[’UVars,’SP,’PP,’JP] . ruleDC1(CL) fi . eq ruleIM(nilC) = none . eq ruleIM(consC(cSymbol(Q,N),CL)) = if N > 0 then crl[’IM]: ’goal[’UVars,’SP,’PP,’__[’join[’V,Q[genArgs(’E,N)]],’JP]] => ’goal[’_U_[genNewVars(’UVars,N),’UVars], ’__[’eq[’V,Q[genNewVars(’UVars,N)]], ’subst[’SP,’V,Q[genNewVars(’UVars,N)]]], ’subst[’PP,’V,Q[genNewVars(’UVars,N)]], ’subst[’__[genArgs(’E,N) joinTerms genNewVars(’UVars,N),’JP], ’V,Q[genNewVars(’UVars,N)]]] if ’_and_[’_or_[’not_[Q[genArgs(’E,N)] : ’Term], ’_=/=_[’intersection[’variables[Q[genArgs(’E,N)]], ’producedVar[’PP]], {’empty-var}’VarSet]], ’_and_[’not_[’_in_[’V,’producedVar[’PP]]], ’not_[’_in_[’V,’safeVar[Q[genArgs(’E,N)]]]]]] = {’true}’Bool . ruleIM(CL) else ruleIM(CL) fi . eq ruleDC2(nilC) = none . eq ruleDC2(consC(cSymbol(Q,N),CL)) = if N > 0 then rl[’DC2] : ’goal[’UVars,’SP, ’__[’approx[Q[genArgs(’E,N)],Q[genArgs(’T,N)]], ’PP], ’JP] => ’goal[’UVars,’SP,


115

’__[genArgs(’E,N) approxTerms genArgs(’T,N),’PP], ’JP] . ruleDC2(CL) else rl[’DC2] : ’goal[’UVars,’SP,’__[’approx[{Q}’Term,{Q}’Term],’PP], ’JP] => ’goal[’UVars,’SP,’PP,’JP] . ruleDC2(CL) fi . eq ruleIIM(nilC) = none . eq ruleIIM(consC(cSymbol(Q,N),CL)) = if N > 0 then crl[’IIM]: ’goal[’UVars,’SP, ’__[’approx[Q[genArgs(’E,N)],’V],’PP],’JP] => ’goal[’_U_[genNewVars(’UVars,N),’UVars],’SP, ’subst[’__[genArgs(’E,N) approxTerms genNewVars(’UVars,N),’PP], ’V,Q[genNewVars(’UVars,N)]], ’subst[’JP,’V,Q[genNewVars(’UVars,N)]]] if ’_and_[’not_[Q[genArgs(’E,N)] : ’Term], ’_in_[’V,’demandVar[’JP]]] = {’true}’Bool . ruleIIM(CL) else ruleIIM(CL) fi . sorts PairC PairCL . subsort PairC < PairCL . op : Constructor Constructor -> PairC [ctor]. op nilP : -> PairCL [ctor]. op consP : PairCL PairCL -> PairCL [ctor assoc id: nilP] . op addPairs : Constructor ConstructorL -> PairCL . op pairsL : ConstructorL -> PairCL . op createTerm : Qid Qid MachineInt -> Term . eq pairsL(nilC) = nilP . eq pairsL(consC(cSymbol(Q,N),CL)) = consP(addPairs(cSymbol(Q,N),CL),pairsL(CL)) . eq addPairs(cSymbol(Q,N),nilC) = nilP . eq addPairs(cSymbol(Q,N),consC(cSymbol(Q0,N0),CL)) = consP(< cSymbol(Q,N), cSymbol(Q0,N0) >,addPairs(cSymbol(Q,N),CL)) . eq createTerm(Q, Q0, N) = if N > 0 then Q[genArgs(Q0,N)] else {Q}’Term fi . var PCL : PairCL . op ruleCF1Aux : PairCL -> RuleSet . op ruleCF2Aux : PairCL -> RuleSet . eq ruleCF1(CL) = ruleCF1Aux(pairsL(CL)) . eq ruleCF1Aux(nilP) = none . eq ruleCF1Aux(consP(< cSymbol(Q,N), cSymbol(Q0,N0) >,PCL)) = rl[’CF1]: ’goal[’UVars,’SP,’PP,

116


’__[’join[createTerm(Q,’A,N), createTerm(Q0,’B,N0)], ’JP]] => {’FAIL}’Goal . ruleCF1Aux(PCL) . eq ruleCF2(CL) = ruleCF2Aux(pairsL(CL)) . eq ruleCF2Aux(nilP) = none . eq ruleCF2Aux(consP(< cSymbol(Q,N), cSymbol(Q0,N0) >,PCL)) = (rl[’CF2]: ’goal[’UVars,’SP, ’__[’approx[createTerm(Q,’E,N), createTerm(Q0,’T,N0)],’PP], ’JP] => {’FAIL}’Goal .) (rl[’CF2]: ’goal[’UVars,’SP, ’__[’approx[createTerm(Q0,’E,N0), createTerm(Q,’T,N)],’PP], ’JP] => {’FAIL}’Goal .) ruleCF2Aux(PCL) . var PTL PTL1 : PairTermL . op findMatch : Term PairTermL -> Term . *** the term is in the list eq findMatch( T1, consPT(< T1 ; T2 >,PTL)) = T2 . ceq findMatch( T, consPT(< T1 ; T2 >,PTL)) = findMatch(T, PTL) if T =/= T1 . op length : TermList -> MachineInt . eq length(T) = 1 . eq length( (T,TL) ) = 1 + length(TL) . sort TermSet . subsort Term < TermSet . var TS : TermSet . op empty-term : -> TermSet [ctor] . op _U_ : TermSet TermSet -> TermSet [ctor assoc comm id: empty-term] . op delete : Term TermSet -> TermSet . eq T U T = T . eq delete(T,empty-term) = empty-term . eq delete(T1,T1 U TS) = delete(T1,TS) . ceq delete(T1,T2 U TS) = T2 U delete(T1,TS) if T1 =/= T2 . op op op op

varsInR : RuleCRWL -> TermSet . varsInT : Term -> TermSet . varsInTL : TermList -> TermSet . varsInCond : PairTermL -> TermSet .

§B. The Module MAP-PHI eq varsInR( T1 -> T2 , PTL)) = varsInT(T1) U varsInT(T2) U varsInCond(PTL) . sort PairSubst . op genSubst : TermSet Term -> PairSubst . op pairS : PairTermL Term -> PairSubst [ctor]. op extractSubst : PairSubst -> PairTermL . op extractNewVars : PairSubst -> Term . eq extractSubst(pairS(PTL,T)) = PTL . eq extractNewVars(pairS(PTL,T)) = T . eq genSubst(empty-term,T) = pairS(nilPT,T) . eq genSubst(T1 U TS,T2) = pairS(consPT(< T1 ; ’new[T2] >, extractSubst(genSubst(delete(T1,TS), ’_U_[’new[T2],T2]))), extractNewVars(genSubst(delete(T1,TS),’_U_[’new[T2],T2]))) . op op op op eq

eq eq eq

eq eq eq eq

applySubstInR : RuleCRWL PairTermL -> RuleCRWL . applySubstInT : Term PairTermL -> Term . applySubstInTL : TermList PairTermL -> TermList . applySubstInCond : PairTermL PairTermL -> PairTermL . applySubstInR( T1 -> T2 applySubstInT(T2,PTL1) , PTL),PTL1) = consPT(< applySubstInT(T1,PTL1) ; applySubstInT(T2,PTL1) >, applySubstInCond(PTL,PTL1)) .

op condToJoin : PairTermL -> TermList .

117

118


eq condToJoin(nilPT) = {’empty-join}’JoinPart . eq condToJoin(consPT(< T1 ; T2 >, PTL)) = (’join[T1,T2] , condToJoin(PTL)) . op op op op

ruleNR1 : RuleCRWLL -> RuleSet . ruleNR1Aux : RuleCRWL Term -> RuleSet . ruleNR2 : RuleCRWLL -> RuleSet . ruleNR2Aux : RuleCRWL Term -> RuleSet .

eq ruleNR1(nilR) = none . eq ruleNR1(consR(R,RL)) = ruleNR1Aux(applySubstInR(R,extractSubst(genSubst(varsInR(R),’UVars))), extractNewVars(genSubst(varsInR(R),’UVars))) ruleNR1(RL) . eq ruleNR1Aux(Q[TL] -> T2 ’goal[T,’SP,’__[genArgs(’E,length(TL)) approxTerms TL, ’PP], ’__[’join[T2,’E],condToJoin(PTL),’JP]] .) . eq ruleNR1Aux({Q}Q0 -> T2 ’goal[T,’SP,’PP,’__[’join[T2,’E],condToJoin(PTL), ’JP]] .) . eq ruleNR2(nilR) = none . eq ruleNR2(consR(R,RL)) = ruleNR2Aux(applySubstInR(R,extractSubst(genSubst(varsInR(R),’UVars))), extractNewVars(genSubst(varsInR(R),’UVars))) ruleNR2(RL) . eq ruleNR2Aux(Q[TL] -> T2 ’goal[T,’SP, ’__[genArgs(’E,length(TL)) approxTerms TL, ’approx[T2,’T],’PP], ’__[condToJoin(PTL),’JP]] if ’_or_[’_in_[’T,’demandVar[’JP]],’not_[’T : ’Var]] = {’true}’Bool .) . eq ruleNR2Aux({Q}Q0 -> T2 ’goal[T,’SP,’__[’approx[T2,’T],’PP], ’__[condToJoin(PTL),’JP]] if ’_or_[’_in_[’T,’demandVar[’JP]],’not_[’T : ’Var]] = {’true}’Bool .) .


eq phi(crwlth(CL,FL,RL)) = (mod ’CRWLTHEORY is including ’MACHINE-INT . including ’BOOL . sortCRWL subsortCRWL addC(CL,addF(FL,opCRWL)) addVar(max(maxC(CL),maxF(FL)),varCRWL) none addEqC(CL,addEqF(FL,eqCRWL)) (ruleCRWL ruleDC1(CL) ruleIM(CL) ruleNR1(RL) ruleDC2(CL) ruleIIM(CL) ruleNR2(RL) ruleCF1(CL) ruleCF2(CL)) endm) . endfm)

119

Relating Meseguer's Rewriting Logic with the Constructor ... - CiteSeer

Relating Meseguer's Rewriting Logic with the Constructor ... - CiteSeer

Suggest Documents

Logic Programming with Constructor-based Type

Diploma Thesis Taclets vs. Rewriting Logic - Relating Semantics of Java

On Constructor-based Graph Rewriting Systems

Rewriting Logic Systems

A Solution to the Constructor-Problem of Mixin-Based ... - CiteSeer

Mapping Tile Logic into Rewriting Logic

Classical Logic I: First-Order Logic - CiteSeer

Lifting Term Rewriting Derivations in Constructor Systems by Using

The Rewriting Logic Semantics Project - Semantic Scholar

The Rewriting Logic Semantics Project - Semantic Scholar

Bi-rewriting Rewriting Logic 1 Introductionwww.researchgate.net › publication › fulltext › Bi-rewriti

Logic Programs as Term Rewriting Systems 1

A Higher Order Rewriting Logic for Functional Logic ... - CiteSeerX

Defining Standard Prolog in Rewriting Logic - CiteSeerX

Logic programming as hypergraph Rewriting - Springer Link

A Higher Order Rewriting Logic for Functional Logic ... - CiteSeerX

A Higher Order Rewriting Logic for Functional

Using Rewriting Logic to Match Patterns of

Rewriting Logic Systems - CyberLeninkawww.researchgate.net › publication › fulltext › 22228620

Modal Logic for Rewriting Theories - CECS@ANU

THEOREM PROVING FOR MAUDE'S REWRITING LOGIC

Tiling transactions in rewriting logic - CiteSeerX

Inductively Verifying Invariants of Rewriting Logic

Rewriting Logic Specification of Membrane Systems ... - CyberLeninka